Aging PCs Running Out-of-Date Software Bring Security Worries

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database CVE-2018-20742
PUBLISHED: 2019-01-24

An issue was discovered in UC Berkeley RISE Opaque before 2018-12-01. There is no boundary check on ocall_malloc. The return value could be a pointer to enclave memory. It could cause an arbitrary enclave memory write.

CVE-2019-6486
PUBLISHED: 2019-01-24

Go before 1.10.8 and 1.11.x before 1.11.5 mishandles P-521 and P-384 elliptic curves, which allows attackers to cause a denial of service (CPU consumption) or possibly conduct ECDH private key recovery attacks.

CVE-2018-17693
PUBLISHED: 2019-01-24


This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the con…

CVE-2018-17694
PUBLISHED: 2019-01-24


This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han…

CVE-2018-17695
PUBLISHED: 2019-01-24


This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF 9.2.0.9297. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the han…

Leave a Reply