From my initial reading on it, it sounds like if you have have an at risk system running many common web applications, then it is possible for an attacker to run arbitrary code. Is this overhyped due to this being a new vulnerability or is this something to be worried about?
A remote attacker able to make an application call either of these functions could use this flaw to execute arbitrary code with the permissions of the user running the application.
From: http://ift.tt/1D3fUve
Aucun commentaire:
Enregistrer un commentaire