Rewterz Threat Alert – Remcos RAT – Fresh IOCs
August 23, 2021Rewterz Threat Advisory – CVE-2021-2189 – Oracle E-Business Suite Sales Offline Denial of Service
August 24, 2021Rewterz Threat Alert – Remcos RAT – Fresh IOCs
August 23, 2021Rewterz Threat Advisory – CVE-2021-2189 – Oracle E-Business Suite Sales Offline Denial of Service
August 24, 2021Severity
High
Analysis Summary
CVE-2021-35940
Apache Portable Runtime could allow a remote attacker to obtain sensitive information, caused by an out-of-bounds array read in the apr_time_exp*() functions. By sending a specially crafted request, an attacker could exploit this vulnerability to obtain sensitive information, or cause a denial of service condition
Impact
- Denial of Services
- Exposure of Sensitive Data
Affected Vendors
Apache
Affected Products
- Apache Portable Runtime 1.7.0
Remediation
Upgrade to the latest version of Apache Portable Runtime, available from the Apache Web site.