August 16, 2019
Vulnerability Notification: Windows RDP Remote Desktop Services Remote Code Execution
[Overview] Once the Windows RDP Remote Desktop Services worm-level remote code execution vulnerabilities (CVE-2019-1181, CVE-2019-1182) appeared, Hillstone Networks immediately issued an early warning. [Vulnerability Details] On August 14, 2019, Microsoft officially released a security patch containing two critical remote code execution vulnerabilities – CVE-2019-1181 and CVE-2019-1182. These two vulnerabilities are similar to the previously fixed…May 24, 2019
Vulnerability Notification: Remote Desktop Services Remote Code Execution
[Overview] Remote Desktop Services (RDS) is one of the components of Microsoft Windows that allow users to remotely access and take control of a computer or virtual machine. Recently, the Remote Desktop Services Remote Code Execution vulnerability was published officially. [Vulnerability Details] CVE-2019-0708: The vulnerability is pre-authentication and requires no user interaction. A remote attacker…March 1, 2019
Vulnerability Notification: Apache Subversion mod_dav_svn Denial of Service
[Overview] Subversion is an open source version control and software version control system that runs as a standalone server or as a module of the Apache HTTPD server. Recently, the denial of service vulnerability was fixed officially. [Vulnerability Details] CVE-2018-11803: The vulnerability is caused by improper dereference of an uninitialized pointer variable. A remote attacker…December 26, 2018
Vulnerability Notification: Microsoft Office Remote Code Execution
[Overview] Microsoft Office is an office software developed by Microsoft Corporation that can perform word processing, form editing, slide show production, and Email service. Recently, Microsoft fixed a remote code execution vulnerability in it. [Vulnerability Details] CVE-2018-8161: The vulnerability is caused by Outlook’s incorrect parsing of HTML. The vulnerable condition occurs when a MIME message…November 26, 2018