CVE-2010-2015
published 2010-05-24CVE-2010-2015: Multiple SQL injection vulnerabilities in LiSK CMS 4.4 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in a view_inbox action…
PriorityP338medium6.8CVSS 2.0
AVNACMAuNCPIPAP
EXPLOIT
EPSS
0.90%
55.2th percentile
Multiple SQL injection vulnerabilities in LiSK CMS 4.4 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in a view_inbox action to cp/cp_messages.php or (2) the id parameter to cp/edit_email.php.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| createch-group | lisk_cms | — | — |
CVSS provenance
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
vendor_redhat5.0MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-92fj-4j8c-c7m3: Multiple SQL injection vulnerabilities in LiSK CMS 4
ghsa_unreviewed·2022-05-17
CVE-2010-2015 [MEDIUM] CWE-89 GHSA-92fj-4j8c-c7m3: Multiple SQL injection vulnerabilities in LiSK CMS 4
Multiple SQL injection vulnerabilities in LiSK CMS 4.4 allow remote attackers to execute arbitrary SQL commands via (1) the id parameter in a view_inbox action to cp/cp_messages.php or (2) the id parameter to cp/edit_email.php.
Palo Alto
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
vendor_paloalto·2024-09-04·CVSS 6.0
CVE-2022-22965 [MEDIUM] PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
PAN-SA-2024-0008 Informational Bulletin: Impact of OSS CVEs in PAN-OS
The Palo Alto Networks Product Security Assurance team has evaluated the following open source software (OSS) CVEs as they relate to PAN-OS software. While PAN-OS software may include the
CVEs: CVE-2010-1622, CVE-2015-7552, CVE-2018-16840, CVE-2019-7639, CVE-2020-17049, CVE-2020-7774, CVE-2021-0131, CVE-2021-0132, CVE-2021-0133, CVE-2021-0134, CVE-2021-4044, CVE-2021-4160, CVE-2021-41773, CVE-2022-1343, CVE-2022-21449, CVE-2022-2274, CVE-2022-22963, CVE-2022-22965, CVE-2022-24697, CVE-2022-32207, CVE-2022-3358, CVE-2022-3996, CVE-2022-40664, CVE-2022-44792, CVE-2022-44793, CVE-2023-1255, CVE-2023-22809, CVE-2023-23919, CVE-2023-3341, CVE-2023-4236, CVE-2023-4863, CVE-2023-51767
Affected products: PAN-OS
Red Hat
openslp: Packet with crafted "nextoffset" and "extid" values causes DoS
vendor_redhat·2015-09-16·CVSS 5.0
CVE-2015-5155 [MEDIUM] openslp: Packet with crafted "nextoffset" and "extid" values causes DoS
openslp: Packet with crafted "nextoffset" and "extid" values causes DoS
[REJECTED CVE] A vulnerability has been identified in Openslp in ParseExtension() function in slp_message.c file. Attacker can force the function to enter the infinte loop causing denial of service via packet with crafted "nextoffset" value and "extid" value.
Statement: This flaw was found to be a duplicate of CVE-2010-3609. Please see https://access.redhat.com/security/cve/CVE-2010-3609 for information about affected products and security errata.
Package: openslp (Red Hat Enterprise Linux 6) - Not affected
Package: openslp (Red Hat Enterprise Linux 7) - Not affected
Suricata
ET WEB_CLIENT Microsoft Office RTF Stack Buffer Overflow
suricata·2015-03-16
CVE-2010-3333 ET WEB_CLIENT Microsoft Office RTF Stack Buffer Overflow
ET WEB_CLIENT Microsoft Office RTF Stack Buffer Overflow
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET WEB_CLIENT Microsoft Office RTF Stack Buffer Overflow"; flow:established,to_client; flowbits:set,ETPRO.RTF; flowbits:noalert; file.data; content:"|7b 5c|rt"; within:4; reference:cve,2010-3333; classtype:misc-activity; sid:2020699; rev:7; metadata:affected_product Web_Browsers, affected_product Web_Browser_Plugins, attack_target Client_Endpoint, created_at 2015_03_16, cve CVE_2010_3333, deployment Perimeter, confidence High, signature_severity Major, tag Web_Client_Attacks, updated_at 2024_03_14;)
Exploit-DB
Microsoft Office / COM Object - DLL Planting with 'comsvcs.dll' Delay Load of 'mqrt.dll' (MS15-132)
exploitdb·2015-12-14
CVE-2015-6132 Microsoft Office / COM Object - DLL Planting with 'comsvcs.dll' Delay Load of 'mqrt.dll' (MS15-132)
Microsoft Office / COM Object - DLL Planting with 'comsvcs.dll' Delay Load of 'mqrt.dll' (MS15-132)
---
Source: https://code.google.com/p/google-security-research/issues/detail?id=556
It is possible for an attacker to execute a DLL planting attack in Microsoft Office 2010 on Windows 7 x86 with a specially crafted OLE object. This attack also works on Office 2013 running on Windows 7 x64. Other platforms were not tested. The attached POC document "planted-mqrt.doc" contains what was originally an embedded Packager object. The CLSID for this object was changed at offset 0x2650 to be {ecabafc9-7f19-11d2-978e-0000f8757e2a} (formatted as pack(">IHHBBBBBBBB")). This object has a InProcServer32 pointing to comsvcs.dll. Specifically the CQueueAdmin object implemented in the dll.
When a user op
Exploit-DB
Man-db 2.6.7.1 - Local Privilege Escalation
exploitdb·2015-12-02
CVE-2015-1336 Man-db 2.6.7.1 - Local Privilege Escalation
Man-db 2.6.7.1 - Local Privilege Escalation
---
/*
EDB Note:
man:man -> man:root ~ http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/
man:root -> root:root ~ http://www.halfdog.net/Security/2015/MandbSymlinkLocalRootPrivilegeEscalation/
CreateSetgidBinary.c ~ http://www.halfdog.net/Security/2015/SetgidDirectoryPrivilegeEscalation/CreateSetgidBinary.c
DirModifyInotify-20110530.c ~ http://www.halfdog.net/Security/2010/FilesystemRecursionAndSymlinks/DirModifyInotify-20110530.c
*/
## man:man -> man:root
Setgid Binary Creater: The program CreateSetgidBinary.c allows to create the suitable setgid binary circumventing the kernel protection. Currently creating an empty setgid executable in /var/cache/man would work but writing as user man will remove the setgid flag sil
Exploit-DB
Microsoft Office 2007 - 'OGL.dll' ValidateBitmapInfo Bounds Check Failure (MS15-097)
exploitdb·2015-09-16
CVE-2015-2510 Microsoft Office 2007 - 'OGL.dll' ValidateBitmapInfo Bounds Check Failure (MS15-097)
Microsoft Office 2007 - 'OGL.dll' ValidateBitmapInfo Bounds Check Failure (MS15-097)
---
Source: https://code.google.com/p/google-security-research/issues/detail?id=469
The following crash was observed in Microsoft Office 2007 Excel with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug did not reproduce in Office 2010 or 2013.
Attached files:
Original File: 3013413838_orig.xls
Crashing File: 3013413838_crash.xls
Minimized Crashing File: 3013413838_min.xls
The minimized crashing file shows a one bit delta from the original file at offset 0x139F. OffVis did not reveal anything unique about this offset in the minimized file.
File Versions:
Excel.exe: 12.0.6718.5000
OGL.dll: 12.0.6719.5000
oart.dll: 12.0.6683.5002
GD
Exploit-DB
Microsoft Excel 2007/2010/2013 - BIFFRecord Use-After-Free
exploitdb·2015-09-16
CVE-2015-2523 Microsoft Excel 2007/2010/2013 - BIFFRecord Use-After-Free
Microsoft Excel 2007/2010/2013 - BIFFRecord Use-After-Free
---
Source: https://code.google.com/p/google-security-research/issues/detail?id=462
The following crash was observed in Microsoft Excel 2007 running on Windows 2003 R2. This crash was also reproduced in Microsoft Excel 2010 on Windows 7 x86 and Microsoft Excel 2013 on Windows 8.1 x86. The test environment was Excel 2007 on Windows 2003 R2 with application verifier basic checks enabled.
Attached files:
Original File: 683709058_orig.xls
Crashing File: 683709058_crash.xls
Minimized Crashing File: 683709058_min.xls
The minimized crashing file shows two deltas from the original. The first at offset 0x237 is in the data of the 4th BIFFRecord and the second delta at offset 0x34a5 is in the type field of a BIFFRecord.
File versions:
Exploit-DB
Microsoft Office 2007 - BIFFRecord Length Use-After-Free
exploitdb·2015-09-16
CVE-2015-2520 Microsoft Office 2007 - BIFFRecord Length Use-After-Free
Microsoft Office 2007 - BIFFRecord Length Use-After-Free
---
Source: https://code.google.com/p/google-security-research/issues/detail?id=464
The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug did not reproduce in Office 2010 or 2013.
Attached files:
Original File: 1105668828_orig.xls
Crashing File: 1105668828_crash.xls
Minimized Crashing File: 1105668828_min.xls
The minimized crashing file shows two one bit deltas from the original file. The first delta at offset 0x1CF7E and the second is at offset 0x3A966. Both of these offset appear to be BIFFRecord lengths.
File Versions:
Excel.exe: 12.0.6718.5000
MSO.dll: 12.0.6721.5000
Observed Crash:
eax=0000000
Exploit-DB
Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion
exploitdb·2015-09-16
CVE-2015-2521 Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion
Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion
---
Source: https://code.google.com/p/google-security-research/issues/detail?id=465
The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug did not reproduce in Office 2010 or 2013.
Attached files:
Original File: 1516065514_orig.xls
Crashing File: 1516065514_crash.xls
Minimized Crashing File: 1516065514_min.xls
The minimized crashing file shows a one bit deltas from the original file at offset 0x49E8. OffVis reports this to be the CreateTime field of an OLESSDirectoryEntry structure.
File Versions:
Excel.exe: 12.0.6718.5000
MSO.dll: 12.0.6721.5000
Observed Crash:
When run without Applicati
Exploit-DB
Microsoft Office 2007 - 'mso.dll' Use-After-Free (MS15-081)
exploitdb·2015-08-21
CVE-2015-2467 Microsoft Office 2007 - 'mso.dll' Use-After-Free (MS15-081)
Microsoft Office 2007 - 'mso.dll' Use-After-Free (MS15-081)
---
Source: https://code.google.com/p/google-security-research/issues/detail?id=414&can=1
The following crash was observed in MS Office 2007 running under Windows 2003 x86. Microsoft Office File Validation Add-In is disabled and application verified was enabled for testing and reproduction. This sample did not reproduce in Office 2010 running on Windows 7 x86.
The attached minimized PoC that produces the crash with 2 bit changes from the original file at offsets 0x11E60 and 0x1515F. Standard office document parsers did not reveal any significance about this location.
Attached files:
Fuzzed minimized PoC: 1567070353_min.doc
Fuzzed non-minimized PoC: 1567070353_crash.doc
Original non-fuzzed file: 1567070353_orig.doc
DLL Versi
Exploit-DB
Microsoft Office 2007 - 'OGL.dll' DpOutputSpanStretch::OutputSpan Out of Bounds Write (MS15-080)
exploitdb·2015-08-21
CVE-2015-2431 Microsoft Office 2007 - 'OGL.dll' DpOutputSpanStretch::OutputSpan Out of Bounds Write (MS15-080)
Microsoft Office 2007 - 'OGL.dll' DpOutputSpanStretch::OutputSpan Out of Bounds Write (MS15-080)
---
Source: https://code.google.com/p/google-security-research/issues/detail?id=420&can=1
The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug also reproduced in Office 2010 running on Windows 7 x86.
The crash is caused by a 1 bit delta from the original file at offset 0x4A45. OffViz identified this offset as OLESSRoot.DirectoryEntries[100].OLESSDirectoryEntry[20].sidLeft with an original value of 0x00000000 and a fuzzed value of 0x00008000.
Attached files:
Fuzzed minimized PoC: 1863274449_min.doc
Fuzzed non-minimized PoC: 1863274449_crash.doc
Original non-fuz
Exploit-DB
Microsoft Office 2007 - MSPTLS Heap Index Integer Underflow (MS15-081)
exploitdb·2015-08-21
CVE-2015-2470 Microsoft Office 2007 - MSPTLS Heap Index Integer Underflow (MS15-081)
Microsoft Office 2007 - MSPTLS Heap Index Integer Underflow (MS15-081)
---
Source: https://code.google.com/p/google-security-research/issues/detail?id=431&can=1
The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug also reproduced in Office 2010 running on Windows 7 x86.
The crash is caused by a 1 bit delta from the original file at offset 0xA9B0. Standard tools did not identify anything significant about this offset in the minimized file.
Attached files:
Fuzzed minimized PoC: 3423415565_min.doc
Fuzzed non-minimized PoC: 3423415565_crash.doc
Original non-fuzzed file: 3423415565_orig.doc
DLL Versions:
wwlib.dll: 12.0.6720.5000
msptls.dll: 12.0.6682.5000
Exploit-DB
Microsoft Office 2007 - 'wwlib.dll' Type Confusion (MS15-081)
exploitdb·2015-08-21
CVE-2015-2469 Microsoft Office 2007 - 'wwlib.dll' Type Confusion (MS15-081)
Microsoft Office 2007 - 'wwlib.dll' Type Confusion (MS15-081)
---
Source: https://code.google.com/p/google-security-research/issues/detail?id=423&can=1
The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug also reproduced in Office 2010 running on Windows 7 x86.
The minimized version of the PoC has three deltas at offsets 0x2404, 0x4041, and 0x8057. OffViz identified these as WordBinaryDocuments[1].WordBinaryDocument[0].stPapxFKPs[23].PAPXFKP[1].rgfc[7].rgfc[1], WordBinaryDocuments[1].WordBinaryDocument[0].stPapxFKPs[23].PAPXFKP[9].rgfc[23].rgfc[16], and WordBinaryDocuments[1].WordBinaryDocument[0].stPapxFKPs[23].PAPXFKP[22].rgbx[11].BXPAP[3].bOffset respect
Exploit-DB
Microsoft Office 2007 - 'mso.dll' Arbitrary Free (MS15-081)
exploitdb·2015-08-21
CVE-2015-2468 Microsoft Office 2007 - 'mso.dll' Arbitrary Free (MS15-081)
Microsoft Office 2007 - 'mso.dll' Arbitrary Free (MS15-081)
---
Source: https://code.google.com/p/google-security-research/issues/detail?id=417&can=1
The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug did not reproduce in Office 2010 running on Windows 7 x86. The attached PoC file will reproduce when Word is closed. However, there were other crashing files (not attached) faulting on the same EIP that did not require Word to be be closed to trigger the crash. This particular PoC did not minimize cleanly and has 666 deltas from the original non-fuzzed file.
Attached files:
Fuzzed non-minimized PoC: 2435406723_crash.doc
Original non-fuzzed file: 2435406723_o
Exploit-DB
BulletProof FTP Client 2010 - Local Buffer Overflow (DEP Bypass)
exploitdb·2015-05-18·CVSS 9.3
CVE-2008-5753 [CRITICAL] BulletProof FTP Client 2010 - Local Buffer Overflow (DEP Bypass)
BulletProof FTP Client 2010 - Local Buffer Overflow (DEP Bypass)
---
#-----------------------------------------------------------------------------#
# Exploit Title: BulletProof FTP Client 2010 - Buffer Overflow (SEH) #
# Date: Feb 15 2015 #
# Exploit Author: Gabor Seljan #
# Software Link: http://www.bpftp.com/ #
# Version: 2010.75.0.76 #
# Tested on: Windows XP SP3 English #
# Credits: His0k4 #
# CVE: CVE-2008-5753 #
#-----------------------------------------------------------------------------#
#!/usr/bin/python
from struct import pack
# offset to SEH is 93 byte
buf = b'A' * 13
buf += pack('<L',0x77c1f62f) # POP ECX # POP ECX # POP EDI # POP EBX # POP EBP # RETN [msvcrt.dll]
buf += b'A' * 20
buf += pack('<L',0x74c86a99) # POP ESI # RETN [oleacc.dll]
buf += b'A' * 4
buf += pack('<L'
Exploit-DB
Oracle Hyperion Smart View for Office 11.1.2.3.000 - Crash (PoC)
exploitdb·2015-04-17·CVSS 4.6
CVE-2015-2572 [MEDIUM] Oracle Hyperion Smart View for Office 11.1.2.3.000 - Crash (PoC)
Oracle Hyperion Smart View for Office 11.1.2.3.000 - Crash (PoC)
---
# Exploit Title: Buffer Overflow in Oracle� Hyperion Smart View for Office
[DOS]
# Exploit Author: sajith
# Vendor Homepage: http://oracle.com
# vulnerable Version: Fusion Edition 11.1.2.3.000 Build 157
#Vulnerable Link:
http://www.oracle.com/technetwork/middleware/smart-view-for-office/downloads/index.html
# Tested in: Microsoft Windows 7 Enterprise 6.1.7601 Service Pack 1
[x64],en-us
#plugin tested with Microsoft Excel 2010
#CVE: CVE-2015-2572
Responsible Disclosure:
Reported to Oracle on Jul 7, 2014
patch released on April 14, 2015
How to reproduce the bug?
1)install "Smart view" and open Microsoft excel and click on "smart view"
tab
2)click on "Options" and then click on "Advanced" tab
3) In General menu in "
Exploit-DB
LiSK CMS 4.4 - SQL Injection
exploitdb·2010-05-24
CVE-2010-2015 LiSK CMS 4.4 - SQL Injection
LiSK CMS 4.4 - SQL Injection
---
Vulnerability ID: HTB22373
Reference:
http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_lisk_cms_1.html
Product: LiSK CMS
Vendor: Createch-group
Vulnerable Version: 4.4
Vendor Notification: 06 May 2010
Vulnerability Type: SQL Injection
Status: Not Fixed, Vendor Alerted, Awaiting Vendor Response Risk level:
Medium
Credit: High-Tech Bridge SA (http://www.htbridge.ch/)
Vulnerability Details:
The vulnerability exists due to failure in the "/edit_email.php" script to
properly sanitize user-supplied input in "id" variable. Attacker can alter
queries to the application SQL database, execute arbitrary queries to the
database, compromise the application, access or modify sensitive data, or
exploit various vulnerabilities in the underlying S
Trendmicro
Backdoor-Variante infiziert Word-Dokumente und PDFs
blogs_trendmicro·2019-08-26·CVSS 7.3
[HIGH] Backdoor-Variante infiziert Word-Dokumente und PDFs
Malware
## Backdoor-Variante infiziert Word-Dokumente und PDFs
Sicherheitsforscher stießen auf Asruex in einer PDF-Datei und stellten fest, dass eine Variante der Malware auch als Infector fungieren kann, insbesondere durch die Ausnutzung alter Schwachstellen.
By: Trend Micro Aug 26, 2019 Read time: ( words)
Save to Folio
Originalbeitrag von Ian Mercado and Mhica Romero
Asruex wurde 2015 zum ersten Mal gesichtet und ist bekannt für seine Backdoor-Funktionen und die Verbindung zur Spyware DarkHotel. Nun stießen die Sicherheitsforscher auf Asruex in einer PDF-Datei und stellten fest, dass eine Variante der Malware auch als Infector fungieren kann, insbesondere durch die Ausnutzung alter Schwachstellen wie CVE-2012-0158 und CVE-2010-2883, die Code in Word- bzw. PDF-Dateien injizieren.
Trendmicro
Asruex Backdoor Infects Files Via Old Vulnerabilities
blogs_trendmicro·2019-08-22·CVSS 7.3
[HIGH] Asruex Backdoor Infects Files Via Old Vulnerabilities
Ciberamenazas
## Asruex Backdoor Infects Files Via Old Vulnerabilities
Asruex has been known for its backdoor capabilities. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities.
By: Ian Mercado, Mhica Romero Aug 22, 2019 Read time: ( words)
Save to Folio
Since it first emerged in 2015, Asruex has been known for its backdoor capabilities and connection to the spyware DarkHotel. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities CVE-2012-0158 and CVE-2010-2883 , which inject code in Word and PDF files respectively. The use of old, patched vulnerabilities
Trendmicro
Asruex Backdoor Infects Files Via Old Vulnerabilities
blogs_trendmicro·2019-08-22·CVSS 7.3
[HIGH] Asruex Backdoor Infects Files Via Old Vulnerabilities
Cyber Threats
# Asruex Backdoor Infects Files Via Old Vulnerabilities
Asruex has been known for its backdoor capabilities. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities.
By: Ian Mercado, Mhica Romero
Aug 22, 2019
Read time: ( words)
Save to Folio
Since it first emerged in 2015, Asruex has been known for its backdoor capabilities and connection to the spyware DarkHotel. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities CVE-2012-0158 and CVE-2010-2883, which inject code in Word and PDF files respectively. The use of old, patched vulnerabilities c
Trendmicro
Asruex Backdoor Infects Files Via Old Vulnerabilities
blogs_trendmicro·2019-08-22·CVSS 7.3
[HIGH] Asruex Backdoor Infects Files Via Old Vulnerabilities
Cyberbedrohungen
## Asruex Backdoor Infects Files Via Old Vulnerabilities
Asruex has been known for its backdoor capabilities. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities.
By: Ian Mercado, Mhica Romero Aug 22, 2019 Read time: ( words)
Save to Folio
Since it first emerged in 2015, Asruex has been known for its backdoor capabilities and connection to the spyware DarkHotel. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities CVE-2012-0158 and CVE-2010-2883 , which inject code in Word and PDF files respectively. The use of old, patched vulnerabiliti
Trendmicro
Asruex Backdoor Infects Files Via Old Vulnerabilities
blogs_trendmicro·2019-08-22·CVSS 7.3
[HIGH] Asruex Backdoor Infects Files Via Old Vulnerabilities
Minacce cyber
## Asruex Backdoor Infects Files Via Old Vulnerabilities
Asruex has been known for its backdoor capabilities. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities.
By: Ian Mercado, Mhica Romero Aug 22, 2019 Read time: ( words)
Save to Folio
Since it first emerged in 2015, Asruex has been known for its backdoor capabilities and connection to the spyware DarkHotel. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities CVE-2012-0158 and CVE-2010-2883 , which inject code in Word and PDF files respectively. The use of old, patched vulnerabilities
Trendmicro
Asruex Backdoor Infects Files Via Old Vulnerabilities
blogs_trendmicro·2019-08-22·CVSS 7.3
[HIGH] Asruex Backdoor Infects Files Via Old Vulnerabilities
Cyber Threats
## Asruex Backdoor Infects Files Via Old Vulnerabilities
Asruex has been known for its backdoor capabilities. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities.
By: Ian Mercado, Mhica Romero 2019/08/22 Read time: ( words)
Save to Folio
Since it first emerged in 2015, Asruex has been known for its backdoor capabilities and connection to the spyware DarkHotel. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities CVE-2012-0158 and CVE-2010-2883 , which inject code in Word and PDF files respectively. The use of old, patched vulnerabilities co
Trendmicro
Asruex Backdoor Infects Files Via Old Vulnerabilities
blogs_trendmicro·2019-08-22·CVSS 7.3
[HIGH] Asruex Backdoor Infects Files Via Old Vulnerabilities
Cyber Threats
## Asruex Backdoor Infects Files Via Old Vulnerabilities
Asruex has been known for its backdoor capabilities. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities.
By: Ian Mercado, Mhica Romero Aug 22, 2019 Read time: ( words)
Save to Folio
Since it first emerged in 2015, Asruex has been known for its backdoor capabilities and connection to the spyware DarkHotel. However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities CVE-2012-0158 and CVE-2010-2883 , which inject code in Word and PDF files respectively. The use of old, patched vulnerabilities
http://secunia.com/advisories/39912http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_lisk_cms.htmlhttp://www.htbridge.ch/advisory/sql_injection_vulnerability_in_lisk_cms_1.htmlhttp://secunia.com/advisories/39912http://www.htbridge.ch/advisory/sql_injection_vulnerability_in_lisk_cms.htmlhttp://www.htbridge.ch/advisory/sql_injection_vulnerability_in_lisk_cms_1.html
2010-05-24
Published