![]() ![]() Both of these situations could result in verbose errors displaying to users in a production application, which could expose sensitive information from the application. It is also possible to improperly configure the `DefaultHttpErrorHandler` object instance as the injected error handler. This is used as a default value in some Play APIs, so it is possible to inadvertently use this version in production. In its Scala API Play also provides a static object `DefaultHttpErrorHandler` that is configured to always show verbose errors. Play does this by configuring its `DefaultHttpErrorHandler` to do so based on the application mode. Play Framework, when run in dev mode, shows verbose errors for easy debugging, including an exception stack trace. Verions prior to 2.8.16 are vulnerable to generation of error messages containing sensitive information. Play Framework is a web framework for Java and Scala. Tenda AC23 v16.03.07.44 is vulnerable to Stack Overflow that will allow for the execution of arbitrary code (remote). An unauthenticated physical attacker can exploit this vulnerability to execute arbitrary code, manipulate system data or terminate service. HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for OS information. HiCOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for card number. ![]() HICOS’ client-side citizen digital certificate component has a stack-based buffer overflow vulnerability when reading IC card due to insufficient parameter length validation for token information. Affected Products: Easergy P5 (V01.401.102 and prior) A CWE-120: Buffer Copy without Checking Size of Input vulnerability exists that could result in remote code execution or the crash of HTTPs stack which is used for the device Web HMI.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |