[CVE-2023-4491, CVE-2023-4492, CVE-2023-4493, CVE-2023-4494, CVE-2023-4495, CVE-2023-4496, CVE-2023-4497] Multiple vulnerabilities in EFS Software products

August 31, 2023

Read Time:22 Second

Posted by Rafael Pedrero on Aug 31

# Exploit Title: Easy Address Book Web Server v1.6 – Multiple
Vulnerabilities
# Discovery by: Rafael Pedrero
# Discovery Date: 2021-01-10
# CVE: CVE-2023-4491, CVE-2023-4492, CVE-2023-4493
# Vendor Homepage: http://www.efssoft.com/web-address-book-server.html
# Software Link : http://www.efssoft.com/eabws.exe (md5sum:
69f77623bb32589fb5343f598b61bbd9)
# Tested Version: 1.6
# Tested on: Windows 7, 10

# CVE-2023-4491: Vulnerability Type:…

USN-7189-1: HTMLDOC vulnerabilities

It was discovered that HTMLDOC incorrectly handled certain inputs, which could lead to an integer overflow. An attacker could potentially...

January 8, 2025

USN-7188-1: FFmpeg vulnerability

It was discovered that FFmpeg incorrectly handled certain input, which could lead to an integer overflow. An attacker could possibly...

January 8, 2025

USN-7179-3: Linux kernel (GKE) vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote...

January 7, 2025

USN-7169-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

January 7, 2025

USN-7167-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This...

January 7, 2025

firefox-134.0-1.fc41

FEDORA-2025-6fcde64d77 Packages in this update: firefox-134.0-1.fc41 Update description: Updated to latest upstream (134.0) Read More

January 7, 2025

A Day in the Life of a Prolific Voice Phishing Crew

The AI Fix #32: Agentic AI, killer robot fridges, and the robosexual revolution

New Research Highlights Vulnerabilities in MLOps Platforms

Moxa Urges Immediate Updates for Security Vulnerabilities

US Treasury Department Sanctions Chinese Company Over Cyberattacks

Phishing Click Rates Triple in 2024

UK Government to Ban Creation of Explicit Deepfakes

CISA Claims Treasury Breach Did Not Impact Other Agencies

Supply Chain Attack Targets Key Ethereum Development Tools

[CVE-2023-4491, CVE-2023-4492, CVE-2023-4493, CVE-2023-4494, CVE-2023-4495, CVE-2023-4496, CVE-2023-4497] Multiple vulnerabilities in EFS Software products

USN-7189-1: HTMLDOC vulnerabilities

USN-7188-1: FFmpeg vulnerability

USN-7179-3: Linux kernel (GKE) vulnerabilities

USN-7169-3: Linux kernel vulnerabilities

USN-7167-2: Linux kernel vulnerabilities

firefox-134.0-1.fc41