orikahmadov.com

Ransomware

Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability

Vendor: Atlassian

Product: Confluence Server/Data Center

Added: 2022-06-02

Due Date: 2022-06-06

Description:

Atlassian Confluence Server and Data Center contain a remote code execution vulnerability that allows for an unauthenticated attacker to perform remote code execution.

Required Action:

Immediately block all internet traffic to and from affected products AND apply the update per vendor instructions [https://confluence.atlassian.com/doc/confluence-security-advisory-2022-06-02-1130377146.html] OR remove the affected products by the due date on the right. Note: Once the update is successfully deployed, agencies can reassess the internet blocking rules.

CWEs:

CWE-917

Oracle Solaris Privilege Escalation Vulnerability

Vendor: Oracle

Product: Solaris

Added: 2022-05-25

Due Date: 2022-06-15

Description:

Oracle Solaris component: XScreenSaver contains an unspecified vulnerability that allows for privilege escalation.

Required Action:

Apply updates per vendor instructions.

Microsoft Windows Graphics Device Interface (GDI) Remote Code Execution Vulnerability

Vendor: Microsoft

Product: Windows

Added: 2022-05-25

Due Date: 2022-06-15

Description:

A remote code execution vulnerability exists due to the way the Windows GDI component handles objects in the memory. An attacker who successfully exploits this vulnerability could take control of the affected system.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-284

Microsoft Windows Open Type Font Remote Code Execution Vulnerability

Vendor: Microsoft

Product: Windows

Added: 2022-05-25

Due Date: 2022-06-15

Description:

A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploits this vulnerability could take control of the affected system.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-284

Adobe Flash Player and AIR Integer Overflow Vulnerability

Vendor: Adobe

Product: Flash Player and AIR

Added: 2022-05-25

Due Date: 2022-06-15

Description:

Integer overflow vulnerability in Adobe Flash Player and AIR allows attackers to execute code.

Required Action:

The impacted products are end-of-life and should be disconnected if still in use.

CWEs:

CWE-190

Adobe Flash Player and AIR Use-After-Free Vulnerability

Vendor: Adobe

Product: Flash Player and AIR

Added: 2022-05-25

Due Date: 2022-06-15

Description:

Use-after-free vulnerability in Adobe Flash Player and Adobe AIR allows attackers to execute code.

Required Action:

The impacted products are end-of-life and should be disconnected if still in use.

CWEs:

CWE-416

Ransomware

Microsoft Silverlight Runtime Remote Code Execution Vulnerability

Vendor: Microsoft

Product: Silverlight

Added: 2022-05-25

Due Date: 2022-06-15

Description:

Microsoft Silverlight mishandles negative offsets during decoding, which allows attackers to execute remote code or cause a denial-of-service (DoS).

Required Action:

The impacted products are end-of-life and should be disconnected if still in use.

CWEs:

CWE-20

Adobe Flash Player ASLR Bypass Vulnerability

Vendor: Adobe

Product: Flash Player

Added: 2022-05-25

Due Date: 2022-06-15

Description:

Adobe Flash Player does not properly restrict discovery of memory addresses, which allows attackers to bypass the address space layout randomization (ASLR) protection mechanism.

Required Action:

The impacted product is end-of-life and should be disconnected if still in use.

CWEs:

CWE-264

Microsoft Windows TS WebProxy Directory Traversal Vulnerability

Vendor: Microsoft

Product: Windows

Added: 2022-05-25

Due Date: 2022-06-15

Description:

Directory traversal vulnerability in the TS WebProxy (TSWbPrxy) component in Microsoft Windows allows remote attackers to escalate privileges.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-22

Microsoft Internet Explorer ASLR Bypass Vulnerability

Vendor: Microsoft

Product: Internet Explorer

Added: 2022-05-25

Due Date: 2022-06-15

Description:

Microsoft Internet Explorer allows remote attackers to bypass the address space layout randomization (ASLR) protection mechanism via a crafted web site.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-264

Microsoft Win32k Privilege Escalation Vulnerability

Vendor: Microsoft

Product: Win32k

Added: 2022-05-25

Due Date: 2022-06-15

Description:

Win32k.sys in the kernel-mode drivers in Microsoft Windows allows local users to gain privileges or cause denial-of-service (DoS).

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-119

Microsoft Internet Explorer Memory Corruption Vulnerability

Vendor: Microsoft

Product: Internet Explorer

Added: 2022-05-25

Due Date: 2022-06-15

Description:

Microsoft Internet Explorer contains a memory corruption vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS).

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-119

Microsoft Windows Mount Manager Privilege Escalation Vulnerability

Vendor: Microsoft

Product: Windows

Added: 2022-05-25

Due Date: 2022-06-15

Description:

A privilege escalation vulnerability exists when the Windows Mount Manager component improperly processes symbolic links.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-264

Mozilla Firefox Security Feature Bypass Vulnerability

Vendor: Mozilla

Product: Firefox

Added: 2022-05-25

Due Date: 2022-06-15

Description:

Moxilla Firefox allows remote attackers to bypass the Same Origin Policy to read arbitrary files or gain privileges.

Required Action:

Apply updates per vendor instructions.

CWEs:

CWE-200

Adobe Flash Player Integer Overflow Vulnerability

Vendor: Adobe

Product: Flash Player

Added: 2022-05-25

Due Date: 2022-06-15

Description:

Integer overflow in Adobe Flash Player allows attackers to execute code.

Required Action:

The impacted product is end-of-life and should be disconnected if still in use.

CWEs:

CWE-189

CISA Known Exploited Vulnerabilities

Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability

Oracle Solaris Privilege Escalation Vulnerability

Microsoft Windows Graphics Device Interface (GDI) Remote Code Execution Vulnerability

Microsoft Windows Open Type Font Remote Code Execution Vulnerability

Adobe Flash Player and AIR Integer Overflow Vulnerability

Adobe Flash Player and AIR Use-After-Free Vulnerability

Microsoft Silverlight Runtime Remote Code Execution Vulnerability

Adobe Flash Player ASLR Bypass Vulnerability

Microsoft Windows TS WebProxy Directory Traversal Vulnerability

Microsoft Internet Explorer ASLR Bypass Vulnerability

Microsoft Win32k Privilege Escalation Vulnerability

Microsoft Internet Explorer Memory Corruption Vulnerability

Microsoft Windows Mount Manager Privilege Escalation Vulnerability

Mozilla Firefox Security Feature Bypass Vulnerability

Adobe Flash Player Integer Overflow Vulnerability