Recursive clones are currently affected by a vulnerability that is caused by too-lax validation of submodule names, allowing very targeted attacks via remote code execution in recursive clones.
Tag: Remote Code Execution (RCE)
ASA-2019-00663 – Git: Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone
Incorrect quoting of command-line arguments allowed remote code execution during a recursive clone in conjunction with SSH URLs.
ASA-2019-00647 – Facebook WhatsApp: A stack-based buffer overflow by sending a specially crafted MP4 file
A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user. The issue was present in parsing the elementary stream metadata of an MP4 file and could result in a DoS or RCE.
ASA-2019-00595 – PHP: env_path_info underflow in fpm_main.c can lead to Remote Code Execution (RCE)
In PHP in certain configurations of FPM setup it is possible to cause FPM module to write past allocated buffers into the space reserved for FCGI protocol data, thus opening the possibility of remote code execution.
ASA-2019-00588 – vBulletin: Remote Code Execution in updateAvatar endpoint
User input passed through the "data[extension]" and "data[filedata]" parameters to the "ajax/api/user/updateAvatar" endpoint is not properly validated before being used to update users' avatars. This can be exploited to inject and execute arbitrary PHP code. Successful exploitation of this vulnerability requires the "Save Avatars as Files" option to be enabled (disabled by default).
ASA-2019-00584 – TYPO3 extension freeCap CAPTCHA (sr_freecap): Remote Code Execution
The extension fails to sanitize user input which allows to execute arbitrary Extbase actions resulting in Remote Code Execution.
ASA-2019-00583 – TYPO3 extension SLUB: Event Registration (slub_events): Multiple vulnerabilities
The extension allows to upload arbitrary files to the webserver. For versions 1.2.2 and below, this vulnerability results in Remote Code Execution. In versions later than 1.2.2, the vulnerability can result in Denial of Service, since the webspace can be filled up with arbitrary files. The extension also includes jQuery 2.2.4 which is known to be vulnerable against Cross Site Scripting.
ASA-2019-00554 – WhatsApp: Double free vulnerability in the DDGifSlurp function
A double free vulnerability in the DDGifSlurp function in decoding.c in libpl_droidsonroids_gif before 1.2.15, as used in WhatsApp for Android before 2.19.244, allows remote attackers to execute arbitrary code or cause a denial of service.