A Denial of Service exists in Remote Desktop Services formerly known as Terminal Services when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests.

This update corrects wrong category specification.

This module will send various malformed messages over ssl to the target service in order to detect a discrepancy between the server's responses, if this is the case, it will mark said target as vulnerable to this kind of attacks (ROBOT attack)

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. The vulnerability could corrupt memory in such a way that an attacker could execute arbitrary code in the context of the current user. An attacker who successfully exploited the vulnerability could gain the same user rights as the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs, view, change, or delete data, or create new accounts with full user rights.



In a web-based attack scenario, an attacker could host a specially crafted website that is designed to exploit the vulnerability through Internet Explorer and then convince a user to view the website. An attacker could also embed an ActiveX control marked safe for initialization in an application or Microsoft Office document that hosts the IE rendering engine. The attacker could also take advantage of compromised websites and websites that accept or host user-provided content or advertisements. These websites could contain specially crafted content that could exploit the vulnerability.

Apache Solr is prone to a remote vulnerability that allows attackers to take advantage of an insecure deployment of the JMX/RMI service used to manage and monitor the Java Virtual Machine.

By exploiting known methods, it is possible to remotely load an MLet file from an attacker controlled web server that points at a jar file.

The specific flaw exists within the handling of XML files. When parsing the ShortMessage SMtext element, the process does not properly validate the length of user-supplied data prior to copying it to a buffer.

Unauthenticated remote command injection vulnerability in Indusoft Web Studio 8.1 SP2. The vulnerability is exercised via the custom remote agent protocol that is typically found on port 1234 or 51234. An attacker can issue a specially crafted command 66 which causes IWS to load a DB connection file off of a network share using SMB. The DB file can contain OS commands that will be executed at the privilege level used by IWS.

This update adds support for Windows 7 SP1 x64.

An unauthenticated OS command injection vulnerability in rConfig using the rootUname parameter present in ajaxServerSettingsChk.php allows an attacker to send a request that will attempt to execute OS commands with permissions of the rConfig process on the host system.

Also, an authenticated OS command injection vulnerability using the catCommand parameter present in search.crud.php allows an attackers to do the same as previous, but credentials are required.

The Solarwinds Dameware Mini Remote Client agent supports smart card authentication by default which allows a user to upload an executable to be executed on the DWRCS.exe host. An unauthenticated, remote attacker can request smart card login and upload and execute an arbitrary executable.

A vulnerability in the Apache Solr Velocity template allows unauthenticated attackers to execute arbitrary OS commands.



This update adds automatic core name detection and newer supported versions.