Onapsis Security Advisory - SAP HANA XS does not enforce any encryption in the form based authentication. It could allow an anonymous user to get information such as valid credentials from network traffic, gaining access into the system.
3c59882224f4e683e1189c962e0c8f1e472ad02e008d6bd4c6be59028fba9d6bCore Security Technologies Advisory - There are stack overflows on WebEx that can be exploited by sending maliciously crafted .atp and .wrf files to a vulnerable WebEx user. When opened, these files trigger a reliably exploitable stack based buffer overflow. Code execution is trivially achieved on the .wrf case because WebEx Player allocates a function pointer on the stack that is periodically used in what seems to be a callback mechanism, and also because DEP and ASLR are not enabled. In the .atp case an exception handler can be overwritten on the stack, and most registers can be trivially overwritten.
352f1691497ff70b83f9039f8094fb6c41b1beb68e1b341fbc1f1722864dc8d2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed