A cryptographic issue in Nextcloud Server 19.0.1 allowed an malicious user to downgrade the encryption scheme and break the integrity of encrypted files.
<!--X-Body-Begin-->
<!--X-User-Header-->
Full Disclosure
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->
By Date
By Thread
</form>
<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
Re: CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
<!--X-Subject-Header-End-->
<!--X-Head-of-Mes ...
<!--X-Body-Begin-->
<!--X-User-Header-->
Full Disclosure
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->
By Date
By Thread
</form>
<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
Re: [FD] CVE-2020-8150 – Remote Code Execution as SYSTEM/root via Backblaze
<!--X-Subject-Header-End-->
<!--X-Head-o ...
CVE-2020-8289 – Remote Code Execution as SYSTEM/root via Backblaze
CVE-2020-8289 – Remote Code Execution as SYSTEM/root via Backblaze
Summary
Name: Remote Code Execution as SYSTEM/root via Backblaze
CVE: CVE-2020-8289
Discoverer: Jason Geffner
Vendor: Backblaze
Product: Backblaze for Windows and Backblaze for macOS
Risk: Critical
Discovery Date: 2020-03-13
Publication Data: 2020-09-09
Fixed Version: 701433 (Windows) and 710434 (mac
CVE-2020-8289 – Remote Code Execution as SYSTEM/root via Backblaze
CVE-2020-8289 – Remote Code Execution as SYSTEM/root via Backblaze
Summary
Name: Remote Code Execution as SYSTEM/root via Backblaze
CVE: CVE-2020-8289
Discoverer: Jason Geffner
Vendor: Backblaze
Product: Backblaze for Windows and Backblaze for macOS
Risk: Critical
Discovery Date: 2020-03-13
Publication Data: 2020-09-09
Fixed Version: 701433 (Windows) and 710434 (mac