Computer Security
[EN] securityvulns.ru no-pyccku


CVECVE-2014-8778
StatusUNKNOWN
DescriptionCheckmarx CxSAST (formerly CxSuite) before 7.1.8 allows remote authenticated users to bypass the CxQL sandbox protection mechanism and execute arbitrary C# code by asserting the (1) System.Security.Permissions.PermissionState.Unrestricted or (2) System.Security.Permissions.SecurityPermissionFlag.AllFlags permission.
Severity
High
CVSS score9
CVSS vector(AV:N/AC:L/Au:S/C:C/I:C/A:C)
PhaseASSIGNED (17.09.2015)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-8778
ReferencesBUGTRAQ : 20150903 Checkmarx CxQL Sandbox bypass (CVE-2014-8778)
 FULLDISC : 20150907 Checkmarx CxQL Sandbox bypass (CVE-2014-8778)
 MISC : http://packetstormsecurity.com/files/133437/Checkm...
SecurityVulns:Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod