0xEmma (6)

Last Login: April 27, 2020

Assessments

Score

0xEmma's Latest (3) Contributions

Sort by:

Filter by:

0xEmma assessed Installing a malicious gem may lead to arbitrary code execution

March 15, 2020 7:14pm UTC (4 years ago)•Edited 4 years ago

Ratings

Attacker Value

Very Low

Exploitability

Medium

Requires user interaction

Technical Analysis

In order for this attack to happen a Attacker needs to convince someone to install a ruby gem, which if someone is able to do that they would be able to find a better attack method.

0xEmma assessed Chrome Cookie Extraction

March 15, 2020 7:03pm UTC (4 years ago)•Edited 4 years ago

Ratings

Attacker Value

Medium

Exploitability

Very Low

Difficult to patch Difficult to weaponize

Technical Analysis

Although this can lead to cookie leaks, the typical session cookie expires. And the complexity of this attack requires local access to a system, which, generally you have other ways to get this information.

0xEmma assessed CVE-2020-8510

March 15, 2020 7:00pm UTC (4 years ago)•Edited 4 years ago

Ratings

Attacker Value

Very High

Exploitability

Very High

Easy to weaponize Gives privileged access Unauthenticated Vulnerable in default configuration

Technical Analysis

Easy to exploit, although software not common in enterprise, this can lead to dumping of a contact book and adding more contacts which can lead to a SE attack

0xEmma (6)

Last Login: April 27, 2020

0xEmma's Latest (3) Contributions

Ratings

Technical Analysis

Ratings

Technical Analysis

Ratings

Technical Analysis

Quick Cookie Notification