CVE-2019-17634 - OpenCVE

Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a cross site scripting (XSS) vulnerability when generating an HTML report from a malicious heap dump. The user must chose todownload, open the malicious heap dump and generate an HTML report for the problem to occur. The heap dump could be specially crafted, or could come from a crafted application or from an application processing malicious data. The vulnerability is present whena report is generated and opened from the Memory Analyzer graphical user interface, or when a report generated in batch mode is then opened in Memory Analyzer or by a web browser. The vulnerability could possibly allow code execution on the local system whenthe report is opened in Memory Analyzer.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Single

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:M/Au:S/C:C/I:C/A:C

Vendors & Products
CPE Configurations

Vendors	Products
Eclipse	Memory Analyzer

Configuration 1 [-]

cpe:2.3:a:eclipse:memory_analyzer:*:*:*:*:*:*:*:*

References

Link	Resource
https://bugs.eclipse.org/bugs/show_bug.cgi?id=552542	Exploit Issue Tracking Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: eclipse

Published: 2020-01-17T18:35:13

Updated: 2020-01-17T18:35:13

Reserved: 2019-10-16T00:00:00

Link: CVE-2019-17634

JSON object: View

NVD Information

Status : Analyzed

Published: 2020-01-17T19:15:11.870

Modified: 2020-01-24T16:00:55.687

Link: CVE-2019-17634

JSON object: View

Redhat Information

No data.

CWE

CWE-79

{"containers": {"cna": {"affected": [{"product": "Eclipse Memory Analyzer", "vendor": "The Eclipse Foundation", "versions": [{"status": "affected", "version": "All versions prior to version 1.9.2"}]}], "credits": [{"lang": "en", "value": "Thanks to Iassen Minov for reporting the issue."}], "descriptions": [{"lang": "en", "value": "Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a cross site scripting (XSS) vulnerability when generating an HTML report from a malicious heap dump. The user must chose todownload, open the malicious heap dump and generate an HTML report for the problem to occur. The heap dump could be specially crafted, or could come from a crafted application or from an application processing malicious data. The vulnerability is present whena report is generated and opened from the Memory Analyzer graphical user interface, or when a report generated in batch mode is then opened in Memory Analyzer or by a web browser. The vulnerability could possibly allow code execution on the local system whenthe report is opened in Memory Analyzer."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2020-01-17T18:35:13", "orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "shortName": "eclipse"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=552542"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "security@eclipse.org", "ID": "CVE-2019-17634", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Eclipse Memory Analyzer", "version": {"version_data": [{"version_value": "All versions prior to version 1.9.2"}]}}]}, "vendor_name": "The Eclipse Foundation"}]}}, "credit": [{"lang": "eng", "value": "Thanks to Iassen Minov for reporting the issue."}], "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a cross site scripting (XSS) vulnerability when generating an HTML report from a malicious heap dump. The user must chose todownload, open the malicious heap dump and generate an HTML report for the problem to occur. The heap dump could be specially crafted, or could come from a crafted application or from an application processing malicious data. The vulnerability is present whena report is generated and opened from the Memory Analyzer graphical user interface, or when a report generated in batch mode is then opened in Memory Analyzer or by a web browser. The vulnerability could possibly allow code execution on the local system whenthe report is opened in Memory Analyzer."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}]}, "references": {"reference_data": [{"name": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=552542", "refsource": "CONFIRM", "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=552542"}]}}}}, "cveMetadata": {"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c", "assignerShortName": "eclipse", "cveId": "CVE-2019-17634", "datePublished": "2020-01-17T18:35:13", "dateReserved": "2019-10-16T00:00:00", "dateUpdated": "2020-01-17T18:35:13", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:eclipse:memory_analyzer:*:*:*:*:*:*:*:*", "matchCriteriaId": "A6550331-1E8F-4C06-8611-F8AD6F2889CB", "versionEndIncluding": "1.9.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Eclipse Memory Analyzer version 1.9.1 and earlier is subject to a cross site scripting (XSS) vulnerability when generating an HTML report from a malicious heap dump. The user must chose todownload, open the malicious heap dump and generate an HTML report for the problem to occur. The heap dump could be specially crafted, or could come from a crafted application or from an application processing malicious data. The vulnerability is present whena report is generated and opened from the Memory Analyzer graphical user interface, or when a report generated in batch mode is then opened in Memory Analyzer or by a web browser. The vulnerability could possibly allow code execution on the local system whenthe report is opened in Memory Analyzer."}, {"lang": "es", "value": "Eclipse Memory Analyzer versi\u00f3n 1.9.1 y versiones anteriores est\u00e1 sujeto a una vulnerabilidad de cross site scripting (XSS) al generar un informe HTML a partir de un volcado de almacenamiento din\u00e1mico malintencionado. El usuario debe elegir descargar, abrir el volcado de almacenamiento din\u00e1mico malintencionado y generar un informe HTML para que se produzca el problema. El volcado de mont\u00f3n podr\u00eda ser especialmente dise\u00f1ado, o podr\u00eda provenir de una aplicaci\u00f3n dise\u00f1ada o de una aplicaci\u00f3n que procesa datos malintencionados. La vulnerabilidad est\u00e1 presente cuando se genera y abre un informe desde la interfaz gr\u00e1fica de usuario del Analizador de memoria, o cuando se abre un informe generado en modo por lotes en el Analizador de memoria o por un explorador web. La vulnerabilidad podr\u00eda permitir la ejecuci\u00f3n de c\u00f3digo en el sistema local cuando se abre el informe en el Analizador de memoria."}], "id": "CVE-2019-17634", "lastModified": "2020-01-24T16:00:55.687", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 8.5, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 6.8, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.0, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-01-17T19:15:11.870", "references": [{"source": "emo@eclipse.org", "tags": ["Exploit", "Issue Tracking", "Vendor Advisory"], "url": "https://bugs.eclipse.org/bugs/show_bug.cgi?id=552542"}], "sourceIdentifier": "emo@eclipse.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-79"}], "source": "emo@eclipse.org", "type": "Secondary"}]}