Security Vulnerabilities - CVEs Published In February 2019
inxedu through 2018-12-24 has a vulnerability that can lead to the upload of a malicious JSP file. The vulnerable code location is com.inxedu.os.common.controller.VideoUploadController#gok4 (com/inxedu/os/common/controller/VideoUploadController.java). The attacker uses the /video/uploadvideo fileType parameter to change the list of acceptable extensions from jpg,gif,png,jpeg to jpg,gif,png,jsp,jpeg.
CVSS Score
9.8
EPSS Score
0.007
Published
2019-02-09
An assertion failure was discovered in wasm::WasmBinaryBuilder::getType() in wasm-binary.cpp in Binaryen 1.38.22. This allows remote attackers to cause a denial of service (failed assertion and crash) via a crafted wasm file.
CVSS Score
6.5
EPSS Score
0.004
Published
2019-02-09
An Invalid Address dereference was discovered in TIFFWriteDirectoryTagTransferfunction in libtiff/tif_dirwrite.c in LibTIFF 4.0.10, affecting the cpSeparateBufToContigBuf function in tiffcp.c. Remote attackers could leverage this vulnerability to cause a denial-of-service via a crafted tiff file. This is different from CVE-2018-12900.
CVSS Score
6.5
EPSS Score
0.015
Published
2019-02-09
In elfutils 0.175, a negative-sized memcpy is attempted in elf_cvt_note in libelf/note_xlate.h because of an incorrect overflow check. Crafted elf input causes a segmentation fault, leading to denial of service (program crash).
CVSS Score
5.5
EPSS Score
0.001
Published
2019-02-09
In elfutils 0.175, a heap-based buffer over-read was discovered in the function elf32_xlatetom in elf32_xlatetom.c in libelf. A crafted ELF input can cause a segmentation fault leading to denial of service (program crash) because ebl_core_note does not reject malformed core file notes.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-02-09
Genivia gSOAP 2.7.x and 2.8.x before 2.8.75 allows attackers to cause a denial of service (application abort) or possibly have unspecified other impact if a server application is built with the -DWITH_COOKIES flag. This affects the C/C++ libgsoapck/libgsoapck++ and libgsoapssl/libgsoapssl++ libraries, as these are built with that flag.
CVSS Score
8.1
EPSS Score
0.007
Published
2019-02-09
The Debian python-rdflib-tools 4.2.2-1 package for RDFLib 4.2.2 has CLI tools that can load Python modules from the current working directory, allowing code injection, because "python -m" looks in this directory, as demonstrated by rdf2dot. This issue is specific to use of the debian/scripts directory.
CVSS Score
9.8
EPSS Score
0.007
Published
2019-02-09
EPP.sys in Emsisoft Anti-Malware prior to version 2018.12 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directories "inside" the \\.\EPP device are not properly protected, leading to unintended impersonation or object creation. This vulnerability has been fixed in version 2018.12 and later.
CVSS Score
7.5
EPSS Score
0.043
Published
2019-02-08
A null pointer dereference vulnerability in Fortinet FortiClientWindows 6.0.2 and earlier allows attacker to cause a denial of service via the NDIS miniport driver.
CVSS Score
5.5
EPSS Score
0.001
Published
2019-02-08
A format string vulnerability in Fortinet FortiOS 5.6.0 allows attacker to execute unauthorized code or commands via the SSH username variable.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-02-08