Overview Recently, NSFOCUS CERT detected that the details of Windows LDAP remote code execution vulnerability (CVE-2024-49113) were disclosed. Due to an out-of-bounds read vulnerability in wldap32.dll of Windows LDAP service, an unauthenticated attacker can induce a target server (as an LDAP client) to initiate a query request to a malicious LDAP server controlled by the…
Category: Emergency Response
Adobe, Adobe ColdFusion, Blog, CVE-2024-53961, Emergency Response, Global Security News, Security Bloggers Network
Adobe ColdFusion Any File Read Vulnerability (CVE-2024-53961)
Overview Recently, NSFOCUS CERT detected that Adobe issued a security announcement and fixed any file read vulnerability in Adobe ColdFusion (CVE-2024-53961). Due to improper restrictions on pathnames in Adobe ColdFusion, unauthenticated attackers can bypass the application’s restrictions to read files or directories outside of the restricted directory. As a result, sensitive information may be disclosed…