Vulnerabilities (Page 33)

Uninitalized value

An uninitalized “Fast Tracker” in the Window’s HTTP Protocol stack as used by IIS. Despite providing a bit of a crash analysis and a POC the post is missing information about the vulnerability as their primary focus was on building out the exploit.

 

Untrusted `.git` folder in Parent Directory Enabled Code Execution [CVE-2022-24765]

This one is a bit of a cross-user attack on the same machine, as git when executed in a directory that doesn’t have a .git folder, will traverse upward looking for the .git/ of the repo.The problem is if one accidentally invokes git while not in a repository it’ll look in some potentially untrusted locations as it traverses by defualt all the way to the root of the storage…

 

Copy-paste XSS in vditor text editor [CVE-2021-32855]

Copying and pasting an HTML element with a script within it can result in an XSS in vditor text editor.This does feel like a bit of a stretch for an attack scenario, pasting in malicious content to an editor, but not really a thread situation I’ve thought much about either…