Security Vulnerabilities - CVEs Published In October 2018
The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is vulnerable to a denial of service when an unauthenticated LAN user sends a crafted HTTP header containing an unexpected Cookie field.
CVSS Score
6.5
EPSS Score
0.002
Published
2018-10-01
The web interface in TP-Link TL-WRN841N 0.9.1 4.16 v0348.0 is vulnerable to CSRF due to insufficient validation of the referer field.
CVSS Score
8.8
EPSS Score
0.002
Published
2018-10-01
An exploitable uninitialized variable vulnerability exists in the RTF-parsing functionality of Atlantis Word Processor 3.2.6 version. A specially crafted RTF file can leverage an uninitialized stack address, resulting in an out-of-bounds write, which in turn could lead to code execution.
CVSS Score
7.5
EPSS Score
0.006
Published
2018-10-01
An exploitable out-of-bounds write vulnerability exists in the Word Document parser of the Atlantis Word Processor 3.0.2.3, 3.0.2.5. A specially crafted document can cause Atlantis to write a value outside the bounds of a heap allocation, resulting in a buffer overflow. An attacker must convince a victim to open a document in order to trigger this vulnerability.
CVSS Score
8.8
EPSS Score
0.003
Published
2018-10-01
An exploitable out-of-bounds write exists in the TIFF-parsing functionality of Canvas Draw version 5.0.0. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution.
CVSS Score
8.8
EPSS Score
0.006
Published
2018-10-01
An exploitable arbitrary write vulnerability exists in the Word document parser of the Atlantis Word Processor 3.0.2.3 and 3.0.2.5. A specially crafted document can prevent Atlas from adding elements to an array that is indexed by a loop. When reading from this array, the application will use an out-of-bounds index which can result in arbitrary data being read as a pointer. Later, when the application attempts to write to said pointer, an arbitrary write will occur. This can allow an attacker to further corrupt memory, which leads to code execution under the context of the application. An attacker must convince a victim to open a document in order to trigger this vulnerability.
CVSS Score
8.8
EPSS Score
0.012
Published
2018-10-01
Martem TELEM GW6/GWM versions prior to 2.0.87-4018403-k4 may allow unprivileged users to modify/upload a new system configuration or take the full control over the RTU using default credentials to connect to the RTU.
CVSS Score
8.8
EPSS Score
0.002
Published
2018-10-01
Emerson AMS Device Manager v12.0 to v13.5. A specially crafted script may be run that allows arbitrary remote code execution.
CVSS Score
9.8
EPSS Score
0.05
Published
2018-10-01
Emerson AMS Device Manager v12.0 to v13.5. Non-administrative users are able to change executable and library files on the affected products.
CVSS Score
6.5
EPSS Score
0.002
Published
2018-10-01
IBM WebSphere Portal 7.0, 8.0, 8.5, and 9.0 resets access control settings to the out of the box configuration during Combined Cumulative Fix (CF) installation. This can lead to security miss-configuration of the installation. IBM X-Force ID: 138950.
CVSS Score
5.3
EPSS Score
0.001
Published
2018-10-01