{"vulnerability": "CVE-2020-1354", "sightings": [{"uuid": "688c1759-2658-4697-8d46-2644c26df1fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13546", "type": "seen", "source": "https://t.me/cibsecurity/23375", "content": "\u203c CVE-2020-13546 \u203c\n\nIn SoftMaker Software GmbH SoftMaker Office TextMaker 2021 (revision 1014), a specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will write outside its bounds resulting in a heap-based buffer overflow. An attacker can entice the victim to open a document to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-10T20:41:48.000000Z"}, {"uuid": "4be68bec-69dd-4ce6-a387-adadba34537f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13545", "type": "seen", "source": "https://t.me/cibsecurity/21665", "content": "\u203c CVE-2020-13545 \u203c\n\nAn exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021\u2019s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will write outside its bounds resulting in a heap-based memory corruption. 
An attacker can entice the victim to open a document to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-06T18:39:20.000000Z"}, {"uuid": "72802ccf-60df-4726-ac9f-a9c1a21f008e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13544", "type": "seen", "source": "https://t.me/cibsecurity/21664", "content": "\u203c CVE-2020-13544 \u203c\n\nAn exploitable sign extension vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021\u2019s TextMaker application. A specially crafted document can cause the document parser to sign-extend a length used to terminate a loop, which can later result in the loop\u2019s index being used to write outside the bounds of a heap buffer during the reading of file data. An attacker can entice the victim to open a document to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-06T18:39:19.000000Z"}, {"uuid": "1841727a-9e90-4fbb-85c7-6ac78759a34f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13540", "type": "seen", "source": "https://t.me/cibsecurity/21581", "content": "\u203c CVE-2020-13540 \u203c\n\nAn exploitable local privilege elevation vulnerability exists in the file system permissions of the Win-911 Enterprise V4.20.13 install directory via WIN-911 Account Change Utility. 
Depending on the vector chosen, an attacker can overwrite various executables which could lead to escalation of the privileges when executed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-05T19:25:28.000000Z"}, {"uuid": "19dfdb43-1712-45a0-8832-11c384ccb96c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13541", "type": "seen", "source": "https://t.me/cibsecurity/21572", "content": "\u203c CVE-2020-13541 \u203c\n\nAn exploitable local privilege elevation vulnerability exists in the file system permissions of the Mobile-911 Server V2.5 install directory. Depending on the vector chosen, an attacker can overwrite the service executable and execute arbitrary code with System privileges or replace other files within the installation folder that could lead to local privilege escalation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-05T19:25:17.000000Z"}, {"uuid": "d59985a3-3817-4ef9-bc16-79e15076163e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13543", "type": "seen", "source": "https://t.me/cibsecurity/17110", "content": "\u203c CVE-2020-13543 \u203c\n\nA code execution vulnerability exists in the WebSocket functionality of Webkit WebKitGTK 2.30.0. A specially crafted web page can trigger a use-after-free vulnerability which can lead to remote code execution. 
An attacker can get a user to visit a webpage to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-03T20:26:23.000000Z"}, {"uuid": "6ac0f0c7-4d2c-47bc-a3c9-c58a5781aff4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13547", "type": "seen", "source": "https://t.me/cibsecurity/21186", "content": "\u203c CVE-2020-13547 \u203c\n\nA type confusion vulnerability exists in the JavaScript engine of Foxit Software\u2019s Foxit PDF Reader, version 10.1.0.37527. A specially crafted PDF document can trigger an improper use of an object, resulting in memory corruption and arbitrary code execution. An attacker needs to trick the user to open the malicious file to trigger this vulnerability. If the browser plugin extension is enabled, visiting a malicious site can also trigger the vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-22T22:53:20.000000Z"}, {"uuid": "82e6baf3-e1c9-4e58-9685-a960a8669159", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13547", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2282", "content": "#Threat_Research\n1. Prototype Pollution PoC\n(Affecting\u00a0ini\u00a0package, versions\u00a0<1.3.6)\nhttps://snyk.io/vuln/SNYK-JS-INI-1048974\n2. 
Foxit Reader JavaScript media openPlayer type confusion vulnerability (PoC for CVE-2020-13547)\nhttps://talosintelligence.com/vulnerability_reports/TALOS-2020-1165", "creation_timestamp": "2020-12-31T18:32:41.000000Z"}, {"uuid": "7e6c9dd7-848a-4566-9e1c-c3e711f3df13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13542", "type": "seen", "source": "https://t.me/cibsecurity/17104", "content": "\u203c CVE-2020-13542 \u203c\n\nA local privilege elevation vulnerability exists in the file system permissions of LogicalDoc 8.5.1 installation. Depending on the vector chosen, an attacker can either replace the service binary or replace DLL files loaded by the service, both which get executed by a service thus executing arbitrary commands with System privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-03T20:26:17.000000Z"}, {"uuid": "a57d4287-402a-4d04-aa94-52835db196ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-13543", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2203", "content": "Multiple vulnerabilities in WebKit (PoCs)\n- Webkit WebSocket code execution vulnerability (CVE-2020-13543):\nhttps://talosintelligence.com/vulnerability_reports/TALOS-2020-1155\n- Webkit ImageDecoderGStreamer use-after-free vulnerability (CVE-2020-13584):\nhttps://talosintelligence.com/vulnerability_reports/TALOS-2020-1195", "creation_timestamp": "2020-12-01T11:07:01.000000Z"}]}