Rewterz Threat Alert – APT C-35 Active In the Southeast Asian Region
January 11, 2021Rewterz Threat Alert – Phishing Campaign Impersonating Hotmail Page
January 12, 2021Rewterz Threat Alert – APT C-35 Active In the Southeast Asian Region
January 11, 2021Rewterz Threat Alert – Phishing Campaign Impersonating Hotmail Page
January 12, 2021Severity
High
Analysis Summary
CVE-2020-17534
Apache HTML/Java API could allow a local authenticated attacker to gain elevated privileges on the system, caused by a race condition between the deletion of the temporary file and the creation of the temporary directory in “webkit” subproject. By sending a specially-crafted request, an authenticated attacker could exploit this vulnerability to gain elevated privileges.
Impact
Gain Privileges
Affected Vendors
Apache
Affected Products
Apache HTML/Java API 1.7
Remediation
Upgrade to the latest version of HTML/Java API (1.7.1 or later)