CVE-2018-5754
Published 2018-06-16
CVE-2018-5754: Cross-site scripting (XSS) vulnerability in the office-web component in Open-Xchange OX App Suite before 7.8.3-rev12 and 7.8.4 before 7.8.4-rev9 allows remote…
Priority P428, medium, 5.4 (CVSS 3.0)
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EXPLOIT
EPSS: 2.98% (85.6th percentile)
Cross-site scripting (XSS) vulnerability in the office-web component in Open-Xchange OX App Suite before 7.8.3-rev12 and 7.8.4 before 7.8.4-rev9 allows remote attackers to inject arbitrary web script or HTML via a crafted presentation file, related to copying content to the clipboard.
Affected
3 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| open-xchange | open-xchange_appsuite | <= 7.8.3 | — |
| open-xchange | open-xchange_appsuite | — | — |
| open-xchange | open-xchange_appsuite | — | — |
CVSS provenance
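| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 5.4 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
| nvd | v2.0 | 3.5 | LOW | AV:N/AC:M/Au:S/C:N/I:P/A:N |
| vendor_cisco | — | 5.6 | MEDIUM | — |
| vendor_redhat | — | 5.6 | MEDIUM | — |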
GHSA
GHSA-crvf-8frr-387q: Cross-site scripting (XSS) vulnerability in the office-web component in Open-Xchange OX App Suite before 7
ghsa_unreviewed·2022-05-14
CVE-2018-5754 [MEDIUM] CWE-79 GHSA-crvf-8frr-387q: Cross-site scripting (XSS) vulnerability in the office-web component in Open-Xchange OX App Suite before 7
Cross-site scripting (XSS) vulnerability in the office-web component in Open-Xchange OX App Suite before 7.8.3-rev12 and 7.8.4 before 7.8.4-rev9 allows remote attackers to inject arbitrary web script or HTML via a crafted presentation file, related to copying content to the clipboard.
Red Hat
xen: x86: DoS from attempting to use INVPCID with a non-canonical addresses
vendor_redhat·2018-11-20·CVSS 5.6
CVE-2018-19965 [MEDIUM] CWE-228 xen: x86: DoS from attempting to use INVPCID with a non-canonical addresses
An issue was discovered in Xen through 4.11.x allowing 64-bit PV guest OS users to cause a denial of service (host OS crash) because #GP[0] can occur after a non-canonical address is passed to the TLB flushing code. NOTE: this issue exists because of an incorrect CVE-2017-5754 (aka Meltdown) mitigation.
Package: kernel-xen (Red Hat Enterprise Linux 5) - Not affected
Red Hat
xen: x86 PV guest may crash Xen with XPTI
vendor_redhat·2018-04-25·CVSS 5.6
CVE-2018-10471 [MEDIUM] CWE-787 xen: x86 PV guest may crash Xen with XPTI
An issue was discovered in Xen through 4.10.x allowing x86 PV guest OS users to cause a denial of service (out-of-bounds zero write and hypervisor crash) via unexpected INT 80 processing, because of an incorrect fix for CVE-2017-5754.
An OOB write issue was found in the way the Xen hypervisor handled an error in the Page Table Isolation (PTI) implementation, used to fix the Meltdown issue. It could occur while processing interrupt 'INT 0x80' when a PV guest's vCPU has no handler for it. A malicious guest user/process could use this flaw to crash the hypervisor, resulting in a denial of service.
Package: xen (Red Hat Enterprise Linux 5) - Not affected
Cisco
CPU Side-Channel Information Disclosure Vulnerabilities
vendor_cisco·2018-01-05·CVSS 5.6
CVE-2017-5715 [MEDIUM] CWE-200 CPU Side-Channel Information Disclosure Vulnerabilities
On January 3, 2018, researchers disclosed three vulnerabilities that take advantage of the implementation of speculative execution of instructions on many modern microprocessor architectures to perform side-channel information disclosure attacks. These vulnerabilities could allow an unprivileged local attacker, in specific circumstances, to read privileged memory belonging to other processes or memory allocated to the operating system kernel.
The first two vulnerabilities, CVE-2017-5753 and CVE-2017-5715, are collectively known as Spectre. The third vulnerability, CVE-2017-5754, is known as Meltdown. The vulnerabilities are all variants of the same attack and differ in the way that speculative execution is exploited.
To exploit any
Suricata
ET EXPLOIT Possible MeltDown PoC Download In Progress
suricata·2018-01-10
CVE-2017-5754 ET EXPLOIT Possible MeltDown PoC Download In Progress
Rule: alert http $EXTERNAL_NET any -> $HOME_NET any (msg:"ET EXPLOIT Possible MeltDown PoC Download In Progress"; flow:established,to_client; flowbits:isset,ET.http.binary; file.data; content:"|57 53 41 50 41 51|"; content:"|0F AE F0|"; distance:50; within:53; content:"|0F AE|"; distance:15; within:12; pcre:"/^[\x30-\x3f\x7D]/Rs"; content:"|0F AE F0 0F 31|"; distance:45; within:25; content:"|0F AE F0 0F 31|"; distance:17; within:12; reference:cve,2017-5754; classtype:attempted-admin; sid:2025195; rev:3; metadata:attack_target Client_Endpoint, created_at 2018_01_10, cve CVE_2017_5754, deployment Perimeter, malware_family MeltDown_Exploit, performance_impact Low, confidence Medium, signature_severity Major, updated_at 2024_03_14;)
Bugzilla
firefox: mitigations against spectre via javascript
bugzilla·2018-01-08·CVSS 5.6
CVE-2017-5754 [MEDIUM] firefox: mitigations against spectre via javascript
Mozilla has issued an advisory (mfsa2018-01) for Firefox 57.0.4 that implements a short-term mitigation for Spectre-based JavaScript attacks.
CVE-2017-5754 CVE-2017-5753
References:
https://www.mozilla.org/en-US/security/advisories/mfsa2018-01/
Discussion:
(In reply to Sam Fowler from comment #3)
> "The precision of performance.now() has been reduced from 5μs to 20μs"
According to the following Mozilla blog post:
https://blog.mozilla.org/security/2018/01/03/mitigations-landing-new-class-timing-attack/
this mitigation is going to be included in 52 ESR in version 52.6 ESR.
---
Statement:
Mozilla has confirmed that similar to "Meltdown" and "Spectre" which are a new class of timing attacks which affect modern CPUs, it is possible t
Qualys
Processor Vulnerabilities - Meltdown and Spectre | Qualys
blogs_qualys·2018-01-04·CVSS 5.6
CVE-2017-5754 [MEDIUM] Processor Vulnerabilities - Meltdown and Spectre | Qualys
UPDATE 1/4/2018: Qualys has released several QIDs for detecting missing patches for these vulnerabilities.
UPDATE 1/5/2018: Pre-built AssetView dashboards to visualize impact and remediation progress.
Vulnerabilities potentially impacting all major processor vendors were disclosed today by Google Project Zero. These vulnerabilities have been named Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 & CVE-2017-5715). Organizations should inventory their systems by processor type, apply vendor patches as they become available, and track their progress. This article describes how Qualys can help in all three areas.
### Overview
Meltdown allows any application to access all system memory, including memory allocated for the kernel. Mitigation for this vulnerability will require operating sy
Sentinelone
SentinelOne is Compatible with “Meltdown” and “Spectre” Fixes
blogs_sentinelone·2018-01-04·CVSS 5.6
CVE-2017-5753 [MEDIUM] SentinelOne is Compatible with “Meltdown” and “Spectre” Fixes
This document covers SentinelOne’s response to exploit flaws described in CVE-2017-5753, CVE-2017-5715, and CVE-2017-5754.
SentinelOne products are compatible with Microsoft’s January 3, 2018, security updates. We tested our Agent against Microsoft’s patch. No incompatibilities causing any stop errors or other issues were found with SentinelOne agent versions 1.8.4, 2.0, 2.1 and 2.5.
## Overview
Microsoft, Google, Linux RedHat and Amazon have all acknowledged a new, publicly disclosed class of vulnerabilities referred to as “speculative execution side-channel attacks,” which affect many modern processors and operating systems including Intel, AMD, and ARM. This issue may also affect other systems, such as Android, Chrome, iOS, MacOS.
## Possible collision with security applications
Mi
References:
http://packetstormsecurity.com/files/148118/OX-App-Suite-7.8.4-XSS-Privilege-Management-SSRF-Traversal.html
http://seclists.org/fulldisclosure/2018/Jun/23
https://www.exploit-db.com/exploits/44881/
Published: 2018-06-16