CVE-2007-2017
published 2007-04-12CVE-2007-2017: siteadmin/useredit.php in AlstraSoft Video Share Enterprise does not check authentication, which allows remote attackers to obtain or modify user information…
PriorityP433high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
1.76%
75.2th percentile
siteadmin/useredit.php in AlstraSoft Video Share Enterprise does not check authentication, which allows remote attackers to obtain or modify user information via a direct request.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| alstrasoft | video_share_enterprise | <= 4.1 | — |
| alstrasoft | video_share_enterprise | <= 4.2 | — |
| alstrasoft | video_share_enterprise | <= 4.3 | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Microsoft Word 2007 (x86) - Information Disclosure
exploitdb·2017-09-30
Microsoft Word 2007 (x86) - Information Disclosure
Microsoft Word 2007 (x86) - Information Disclosure
---
Title: MS Office Word Information Disclosure Vulnerability
Date: September 30th, 2017.
Author: Eduardo Braun Prado
Vendor Homepage: http://www.microsoft.com/
Software Link: https://products.office.com/
Version: 2007 32-bits (x86)
Tested on: Windows 8/7/Server 2008/Vista/Server 2003/XP (X86 and x64)
CVE: N/A
Description:
MS Office Word contains an Internet Explorer (IE) Script execution issue through a currently well known vector:
The "Microsoft Scriptlet Component" ActiveX.
Originally found by info sec. researcher Juan Pablo Lopez Yacubian and made public on May, 2008, this issue
allowed web pages to be displayed, inline, in Office documents, rendered by the MS IE rendering engine.
This issue facilitates attacks against the
Exploit-DB
Microsoft Excel - OLE Arbitrary Code Execution
exploitdb·2017-09-30
CVE-2017-0199 Microsoft Excel - OLE Arbitrary Code Execution
Microsoft Excel - OLE Arbitrary Code Execution
---
Title: MS Office Excel (all versions) Arbitrary Code Execution Vulnerability
Date: September 30th, 2017.
Author: Eduardo Braun Prado
Vendor Homepage: http://www.microsoft.com/
Software Link: https://products.office.com/
Version: 2007,2010,2013,2016 32/64 bits (x86 and x64)
Tested on: Windows 10/8.1/8.0/7/Server 2012/Server 2008/Vista (X86 and x64)
CVE: 2017-0199
Description:
MS Excel contains a remote code execution vulnerability upon processing OLE objects. Although this is a different issue from the
MS Word HTA execution vulnerability, it has been patched together, 'silently'. By performing some tests from the Word HTA PoC posted
on exploit-db[dot]com, it´s possible to exploit it through Excel too, however the target would ne
Exploit-DB
Microsoft Office Groove - 'Workspace Shortcut' Arbitrary Code Execution
exploitdb·2017-09-28
Microsoft Office Groove - 'Workspace Shortcut' Arbitrary Code Execution
Microsoft Office Groove - 'Workspace Shortcut' Arbitrary Code Execution
---
Title: MS Office Groove 'Workspace Shortcut' Arbitrary Code Execution Vulnerability
Date: September 28th, 2017.
Author: Eduardo Braun Prado
Vendor Homepage: http://www.microsoft.com/
Software Link: https://products.office.com/
Version: 2007 32-bits (x86)
Tested on: Windows 7/Server 2008/Vista/Server 2003/XP (X86 and x64)
CVE: N/A
Description:
MS Office Groove contains a security bypass issue regarding 'Workspace Shortcut' files (.GLK)
because it allows arbitrary (registered) URL Protocols to be passed, when only 'grooveTelespace://' URLs
should be allowed, which allows execution of arbitrary code upon opening a 'GLK' file.
Usually, URLs are passed to web browsers, but because it uses 'ShellExecute()', i
Exploit-DB
LibTIFF - '_TIFFVGetField (tiffsplit)' Out-of-Bounds Read
exploitdb·2017-07-06
CVE-2017-9147 LibTIFF - '_TIFFVGetField (tiffsplit)' Out-of-Bounds Read
LibTIFF - '_TIFFVGetField (tiffsplit)' Out-of-Bounds Read
---
Source: http://bugzilla.maptools.org/show_bug.cgi?id=2693
On 4.0.7:
# tiffsplit $FILE
==2007== Invalid read of size 4
==2007== at 0x40CD1A: _TIFFVGetField (tif_dir.c:1072)
==2007== by 0x41B2C5: TIFFVGetField (tif_dir.c:1198)
==2007== by 0x41B2C5: TIFFGetField (tif_dir.c:1182)
==2007== by 0x404CCF: tiffcp (tiffsplit.c:220)
==2007== by 0x404CCF: main (tiffsplit.c:89)
==2007== Address 0x0 is not stack'd, malloc'd or (recently) free'd
------- Comment #1 From zhangtan 2017-05-15 01:20:26 -------
The place of Out of bound read:
ret_val = 0;
for (i = 0; i td_customValueCount; i++) {
TIFFTagValue *tv = td->td_customValues + i;
if (tv->info->field_tag != tag)
continue;
------- Comment #2 From zhangtan 2017-05-15 01:29:10 ------
Trendmicro
CVE-2017-9791: New Apache Struts RCE Vulnerability
blogs_trendmicro·2017-07-13·CVSS 9.8
CVE-2017-9791 [CRITICAL] CVE-2017-9791: New Apache Struts RCE Vulnerability
# CVE-2017-9791: New Apache Struts RCE Vulnerability
The Apache Struts framework is useful for building modern Java-based web applications. A vulnerability has been found in this plugin that could allow remote code execution on the affected server, if used with Struts 2.3.x
By: Govind Sarda
2017/07/13
Read time: ( words)
Save to Folio
The Apache Struts framework is useful for building modern Java-based web applications, with two major versions, Apache Struts 1 and Apache Struts 2, released so far. Support for Apache Struts 1 ended in 2008 with the adoption of Apache Struts 2, which reached its first full release at the start of 2007. A Struts 1 plugin is available that allows developer to use existing Struts 1 Actions and ActionForms in Struts 2 web applications. A vulnerability has b
Trendmicro
CVE-2017-9791: New Apache Struts RCE Vulnerability
blogs_trendmicro·2017-07-13·CVSS 9.8
CVE-2017-9791 [CRITICAL] CVE-2017-9791: New Apache Struts RCE Vulnerability
## CVE-2017-9791: New Apache Struts RCE Vulnerability
The Apache Struts framework is useful for building modern Java-based web applications. A vulnerability has been found in this plugin that could allow remote code execution on the affected server, if used with Struts 2.3.x
By: Govind Sarda Jul 13, 2017 Read time: ( words)
Save to Folio
The Apache Struts framework is useful for building modern Java-based web applications, with two major versions, Apache Struts 1 and Apache Struts 2, released so far. Support for Apache Struts 1 ended in 2008 with the adoption of Apache Struts 2, which reached its first full release at the start of 2007. A Struts 1 plugin is available that allows developers to use existing Struts 1 Actions and ActionForms in Struts 2 web applications. A vulnerability ha
Trendmicro
CVE-2017-9791: New Apache Struts RCE Vulnerability
blogs_trendmicro·2017-07-13·CVSS 9.8
CVE-2017-9791 [CRITICAL] CVE-2017-9791: New Apache Struts RCE Vulnerability
Exploits & Vulnerabilities
## CVE-2017-9791: New Apache Struts RCE Vulnerability
The Apache Struts framework is useful for building modern Java-based web applications. A vulnerability has been found in this plugin that could allow remote code execution on the affected server, if used with Struts 2.3.x
By: Govind Sarda Jul 13, 2017 Read time: ( words)
Save to Folio
The Apache Struts framework is useful for building modern Java-based web applications, with two major versions, Apache Struts 1 and Apache Struts 2, released so far. Support for Apache Struts 1 ended in 2008 with the adoption of Apache Struts 2, which reached its first full release at the start of 2007. A Struts 1 plugin is available that allows developer to use existing Struts 1 Actions and ActionForms in Struts 2 web appli
Trendmicro
CVE-2017-9791: New Apache Struts RCE Vulnerability
blogs_trendmicro·2017-07-13·CVSS 9.8
CVE-2017-9791 [CRITICAL] CVE-2017-9791: New Apache Struts RCE Vulnerability
## CVE-2017-9791: New Apache Struts RCE Vulnerability
The Apache Struts framework is useful for building modern Java-based web applications. A vulnerability has been found in this plugin that could allow remote code execution on the affected server, if used with Struts 2.3.x
By: Govind Sarda Jul 13, 2017 Read time: ( words)
Save to Folio
The Apache Struts framework is useful for building modern Java-based web applications, with two major versions, Apache Struts 1 and Apache Struts 2, released so far. Support for Apache Struts 1 ended in 2008 with the adoption of Apache Struts 2, which reached its first full release at the start of 2007. A Struts 1 plugin is available that allows developer to use existing Struts 1 Actions and ActionForms in Struts 2 web applications. A vulnerability has
Trendmicro
CVE-2017-9791: New Apache Struts RCE Vulnerability
blogs_trendmicro·2017-07-13·CVSS 9.8
CVE-2017-9791 [CRITICAL] CVE-2017-9791: New Apache Struts RCE Vulnerability
## CVE-2017-9791: New Apache Struts RCE Vulnerability
The Apache Struts framework is useful for building modern Java-based web applications. A vulnerability has been found in this plugin that could allow remote code execution on the affected server, if used with Struts 2.3.x
By: Govind Sarda 2017/07/13 Read time: ( words)
Save to Folio
The Apache Struts framework is useful for building modern Java-based web applications, with two major versions, Apache Struts 1 and Apache Struts 2, released so far. Support for Apache Struts 1 ended in 2008 with the adoption of Apache Struts 2, which reached its first full release at the start of 2007. A Struts 1 plugin is available that allows developer to use existing Struts 1 Actions and ActionForms in Struts 2 web applications. A vulnerability has b
http://pridels0.blogspot.com/2007/03/alstrasoft-video-share-enterprise.htmlhttp://secunia.com/advisories/24836http://www.alstrasoft.com/videoshare_fix.ziphttp://www.attrition.org/pipermail/vim/2007-July/001707.htmlhttp://www.securityfocus.com/bid/23409http://www.vupen.com/english/advisories/2007/1331https://exchange.xforce.ibmcloud.com/vulnerabilities/33548http://pridels0.blogspot.com/2007/03/alstrasoft-video-share-enterprise.htmlhttp://secunia.com/advisories/24836http://www.alstrasoft.com/videoshare_fix.ziphttp://www.attrition.org/pipermail/vim/2007-July/001707.htmlhttp://www.securityfocus.com/bid/23409http://www.vupen.com/english/advisories/2007/1331https://exchange.xforce.ibmcloud.com/vulnerabilities/33548
2007-04-12
Published