purpleracc00n

2 exploits Active since Sep 2019

CVE-2019-16941 NOMISEC CRITICAL WRITEUP

NSA Ghidra <= 9.0.4 - Remote Code Execution via Bit Patterns Explorer XML File Processing

NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used with a modified XML document. This occurs in Features/BytePatterns/src/main/java/ghidra/bitpatterns/info/FileBitPatternInfoReader.java. An attack could start with an XML document that was originally created by DumpFunctionPatternInfoScript but then directly modified by an attacker (for example, to make a java.lang.Runtime.exec call).

4 stars

CVSS 9.8

View Code

CVE-2020-6958 WRITEUP CRITICAL WRITEUP

Yet Another Java Service Wrapper 12.14 - XML External Entity Injection in JnlpSupport

An XXE vulnerability in JnlpSupport in Yet Another Java Service Wrapper (YAJSW) 12.14, as used in NSA Ghidra and other products, allows attackers to exfiltrate data from remote hosts and potentially cause denial-of-service.

CVSS 9.1

View Code