Posts Tagged ‘Remote Code Execution’


Vulnerabilities 2014Three High severity vulnerabilities of the last week

Three high severity vulnerabilities have been discovered in the last week: Execution of arbitrary code in Avast Antivirus, Compromise a system via Unpatched WinRAR and Compromise the system in vtiger.

1. Execution of arbitrary code in Avast Antivirus

Danger: Critical
The number of vulnerabilities: 1
Vector of operation: Remote
Impact: System Compromise

Affected Product: Avast Antivirus
Vulnerable version: Avast Antivirus 2015.10.3.2223, possibly earlier versions (more…)

Vulnerabilities in Microsoft Windows

Vulnerabilities in Microsoft Windows

Multiple vulnerabilities in Microsoft Windows

1. Vulnerability in the processing of checking revocation IP-HTTPS certificates in Microsoft Windows

Danger: Low
Patch: Yes
Number of vulnerabilities: 1

CVE ID: CVE-2012-2549
Vector of operation: Remote
Impact: Security Bypass

Affected Products: Microsoft Windows Server 2008, Windows Server 2012

Affected versions: Microsoft Windows 2008 R2, Windows 2012

Description:

Which can be exploited by malicious people to bypass certain security restrictions.

The vulnerability is caused due to insufficient authentication certificates in IP-HTTPS component. A remote user can use the revoked certificate as valid.

Manufacturer URL: www.microsoft.com (more…)

Virus AlertTrojan.Maljava!gen23 is a heuristic detection for files attempting to exploit the Oracle Java SE CVE-2012-1723 Remote Code Execution Vulnerability.

Technical details

Systems Affected:

Windows NT, Windows XP,Windows Server 2003, Windows Server 2008,Windows Vista, Windows 7, Solaris, Mac OS X, Linux, Windows 2000

CVE References: CVE-2012-1723

Technical details

Files that are detected as Trojan.Maljava!gen23 are considered malicious. We suggest that any files you believe are incorrectly detected be submitted to Symantec Security Response. For instructions on how to do this using Scan and Deliver, read Submit Virus Samples. (more…)