Juliano Rizzo

**Name of the Vulnerable Software and Affected Versions** Cisco Finesse versions 8.5(1) through 8.5(5) Cisco Finesse version 8.6(1) Cisco Finesse versions 9.0(1) through 9.0(2) Cisco Finesse version 9.1(1) Cisco Finesse version 9.1(1)SU1 Cisco Finesse version 9.1(1)SU1.1 Cisco Finesse versions 9.1(1)ES1 through 9.1(1)ES5 Cisco Finesse version 10.0(1) Cisco Finesse version 10.0(1)SU1 Cisco Finesse version 10.0(1)SU1.1 Cisco Finesse version 10.5(1) Cisco Finesse versions 10.5(1)ES1 through 10.5(1)ES4 Cisco Finesse version 10.5(1)SU1 Cisco Finesse version 10.5(1)SU1.1 Cisco Finesse version 10.5(1)SU1.7 Cisco Finesse version 10.6(1) Cisco Finesse version 10.6(1)SU1 Cisco Finesse version 10.6(1)SU2 Cisco Finesse version 11.0(1) **Description** The issue allows remote attackers to conduct server-side request forgery (SSRF) attacks via a crafted request. This is related to the gadgets-integration API in Cisco Finesse. **Recommendations** For Cisco Finesse versions 8.5(1) through 8.5(5), update to a version outside of this range to resolve the issue. For Cisco Finesse version 8.6(1), update to a version outside of this range to resolve the issue. For Cisco Finesse versions 9.0(1) through 9.0(2), update to a version outside of this range to resolve the issue. For Cisco Finesse version 9.1(1), update to a version outside of this range to resolve the issue. For Cisco Finesse version 9.1(1)SU1, update to a version outside of this range to resolve the issue. For Cisco Finesse version 9.1(1)SU1.1, update to a version outside of this range to resolve the issue. For Cisco Finesse versions 9.1(1)ES1 through 9.1(1)ES5, update to a version outside of this range to resolve the issue. For Cisco Finesse version 10.0(1), update to a version outside of this range to resolve the issue. For Cisco Finesse version 10.0(1)SU1, update to a version outside of this range to resolve the issue. For Cisco Finesse version 10.0(1)SU1.1, update to a version outside of this range to resolve the issue. For Cisco Finesse version 10.5(1), update to a version outside of this range to resolve the issue. For Cisco Finesse versions 10.5(1)ES1 through 10.5(1)ES4, update to a version outside of this range to resolve the issue. For Cisco Finesse version 10.5(1)SU1, update to a version outside of this range to resolve the issue. For Cisco Finesse version 10.5(1)SU1.1, update to a version outside of this range to resolve the issue. For Cisco Finesse version 10.5(1)SU1.7, update to a version outside of this range to resolve the issue. For Cisco Finesse version 10.6(1), update to a version outside of this range to resolve the issue. For Cisco Finesse version 10.6(1)SU1, update to a version outside of this range to resolve the issue. For Cisco Finesse version 10.6(1)SU2, update to a version outside of this range to resolve the issue. For Cisco Finesse version 11.0(1), update to a version outside of this range to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft .NET Framework versions 1.1 SP1 through 4.0 **Description** The issue allows remote attackers to decrypt and modify encrypted View State form data via a padding oracle attack. This could possibly lead to forging cookies or reading application files. An information disclosure vulnerability exists due to improper error handling during encryption padding verification, allowing an attacker to read encrypted data, such as the view state. This vulnerability can also be used for data tampering, which could be used to decrypt and tamper with the data encrypted by the server. In Microsoft .NET Framework 3.5 Service Pack 1 and above, an attacker can retrieve the contents of any file within the ASP.NET application, including web.config. **Recommendations** For Microsoft .NET Framework versions 1.1 SP1 through 4.0, update to a version that includes the fix for this issue to prevent exploitation. As a temporary workaround, consider restricting access to sensitive files within the ASP.NET application and disabling detailed error codes during decryption attempts to minimize the risk of exploitation. Avoid using the ` VIEWSTATE` form data in sensitive operations until the issue is resolved.

Name of the Vulnerable Software and Affected Versions: RealOne Player versions 6.0.11.x and earlier RealPlayer 8/RealPlayer Plus 8 version 6.0.9.584 Description: The issue concerns the PNG deflate algorithm, which allows remote attackers to corrupt the heap and overwrite arbitrary memory. This is achieved through a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, treated as a very large length. Recommendations: For RealOne Player versions 6.0.11.x and earlier, update to a version later than 6.0.11.x to resolve the issue. For RealPlayer 8/RealPlayer Plus 8 version 6.0.9.584, update to a version later than 6.0.9.584 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** curl versions prior to 7.24.0 Oracle (affected versions not specified) **Description** The issue concerns multiple vulnerabilities in the curl package and Oracle products, which can lead to breaches of confidentiality, integrity, and availability of protected information. Exploitation can be done remotely. The SSL protocol, used in certain configurations in various products, including Microsoft Windows, Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and others, is vulnerable to a "BEAST" attack. This attack allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack on an HTTPS session, in conjunction with JavaScript code that uses the HTML5 WebSocket API, Java URLConnection API, or Silverlight WebClient API. **Recommendations** For curl versions prior to 7.24.0, update to version 7.24.0 or later to mitigate the risk. For Oracle products, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider disabling the use of CBC mode with chained initialization vectors in SSL configurations to minimize the risk of exploitation. Restrict access to sensitive data and limit the execution of arbitrary SQL commands to reduce the impact of potential attacks.

**Name of the Vulnerable Software and Affected Versions** TLS protocol versions 1.2 and earlier Mozilla Firefox (affected versions not specified) Google Chrome (affected versions not specified) Qt (affected versions not specified) **Description** The issue allows man-in-the-middle attackers to obtain plaintext HTTP headers by observing length differences during a series of guesses in which a string in an HTTP request potentially matches an unknown string in an HTTP header, also known as a "CRIME" attack. **Recommendations** For TLS protocol versions 1.2 and earlier, consider disabling TLS compression until a patch is available. For Mozilla Firefox, update to a version that properly obfuscates the length of unencrypted data. For Google Chrome, update to a version that properly obfuscates the length of unencrypted data. For Qt, update to a version that properly obfuscates the length of unencrypted data.