Published: 03/11/2020 Updated: 10/11/2020

CVSS v2 Base Score: 4.9 | Impact Score: 4.9 | Exploitability Score: 6.8

CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3

VMScore: 436

Vector: AV:N/AC:M/Au:S/C:P/I:P/A:N

IBM App Connect Enterprise Certified Container 1.0.0, 1.0.1, 1.0.2, 1.0.3, and 1.0.4 could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 189219.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ibm app connect enterprise certified container 1.0.0
ibm app connect enterprise certified container 1.0.1
ibm app connect enterprise certified container 1.0.2
ibm app connect enterprise certified container 1.0.3
ibm app connect enterprise certified container 1.0.4

Was that November's Patch Tuesday? Already? Oh, no, it's just Adobe issuing 14 emergency security fixes

The Register • Thomas Claburn in San Francisco • 04 Nov 2020

Critical Acrobat, Reader flaws evidently couldn't wait until next week Oracle patches severe flaw in WebLogic Server that could be exploited 'without the need for a username and password'

Adobe on Tuesday published updated versions of its Acrobat and Reader software to fix fourteen flaws, four of which have been designated "critical." These updates should be installed as soon as possible to close off their vulnerabilities. The security bulletin (APSB20-67) covers Acrobat DC, Acrobat Reader DC, Acrobat 2020, Acrobat Reader 2020, Acrobat 2017, and Acrobat Reader 2017 for macOS and Windows. It flags fourteen CVEs: None of the CVEs identified have yet been named by CERT/CC's Vulnonym...

CVE-2020-4785

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect