'; } else{ echo ''; } echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "update1.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "update1.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "update1.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "update1.hp-telecom.com") { echo ''; echo 'hp-telecom'; } elseif ($_SERVER[HTTP_HOST] == "update1.maipu.com") { echo ''; echo 'Maipu'; } elseif ($_SERVER[HTTP_HOST] == "update1.ncurity.com") { echo ''; echo 'Ncurity'; } elseif ($_SERVER[HTTP_HOST] == "update1.socusnetwork.com") { echo ''; echo 'Socusnetwork'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

vul_other: microsoft_internet_explorer_ctraveientry_use-after-free_remote_code_exec(Rule ID:1070310110)

Release Date2025/9/15

Rule NameCVE-2016-0113: Microsoft Internet Explorer CTraveIEntry Use-After-Free Remote Code Execution Vulnerability

Severity:high

CVE IDCVE-2016-0113

 

Descripiton

The vulnerability relates to how internet explorer stores the user's browsing history for forward/back navigation. By manipulating a document's elements an attacker can force a CTraveIEntry object in memory to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process. This rule supports to defend the A6: Vulnerable and Outdated Components of OWASP Top 10 - 2021.
Other reference:None

 

Solution

Update vendor patches.