RSS   Podatności dla 'Bestinformed'   RSS

2019-02-25
 
CVE-2019-6266

CWE-295
 

 
Cordaware bestinformed Microsoft Windows client before 6.2.1.0 is affected by insecure SSL certificate verification and insecure access patterns. These issues allow remote attackers to downgrade encrypted connections to cleartext.

 
 
CVE-2019-6265

CWE-264
 

 
The Scripting and AutoUpdate functionality in Cordaware bestinformed Microsoft Windows client versions before 6.2.1.0 are affected by insecure implementations which allow remote attackers to execute arbitrary commands and escalate privileges.

 


Copyright 2024, cxsecurity.com

 

Back to Top