121 matches found
March 2017 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1
March 2017 Security Monthly Quality Rollup for Windows 7 SP1 and Windows Server 2008 R2 SP1 Summary This security update resolves the following vulnerabilities in Windows: MS17-022 Security update for Microsoft XML Core Services MS17-021 Security update for DirectShow MS17-020 Security update for...
MS17-020: Security update for Windows DVD Maker: March 14, 2017
Resolves an information disclosure vulnerability in Windows DVD Maker. This vulnerability could allow an attacker to obtain information to further compromise a targeted system.SummaryTo learn more about the vulnerability that this update fixes, see Microsoft Security Bulletin MS17-020. More...
Fortinet FortiGate ZebOS routing remote shell service enabled (FG-IR-15-020)
The Fortinet FortiGate device has the ZebOS routing remote shell service enabled. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if descriptio...
Cross-Site Scripting in third party library mso/idna-convert
More info at https://typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-020...
spt-020.com XSS vulnerability
Vulnerable URL: http://www.spt-020.com/intro.asp?zid=1%22--%3E%3Csvg/onload=;prompt%28/OPENBUGBOUNTY/%29;%3E= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 27.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculate...
MS16-020: Security update for Active Directory Federation Services to address denial of service: February 9, 2016
None None...
Oracle BeeHive 2 - 'voice-servlet processEvaluation()' Write File (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "Oracle BeeHive 2 voice-servlet processEvaluation Vulnerability", 'Description' = %q This module exploits a vulnerability found in...
[CVE-2 0 1 5-0 0 9 6]Microsoft Windows Shell SMB LNK Code Execution Exploit-vulnerability warning-the black bar safety net
require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::EXE include Msf::Exploit::FILEFORMAT include Msf::Exploit::Remote::SMB::Server::Share attraccessor :exploitdllname def initializeinfo = superupdateinfoinfo, 'Name' = 'Microsoft Windows Shell LN...
Microsoft Windows Shell LNK Code Execution
This module exploits a vulnerability in the MS10-046 patch to abuse again the handling of Windows Shortcut files .LNK that contain an icon resource pointing to a malicious DLL. This creates an SMB resource to provide the payload and the trigger, and generates a LNK file which must be sent to the...
Microsoft Windows Shell SMB LNK Code Execution Exploit
This Metasploit module exploits a vulnerability in the MS10-046 patch to abuse again the handling of Windows Shortcut files .LNK that contain an icon resource pointing to a malicious DLL. This creates an SMB resource to provide the payload and the trigger, and generates a LNK file which must be...
Microsoft Windows Shell SMB LNK Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Microsoft Windows Shell LNK Code Execution', 'Description' = %q This module exploits a vulnerability in the MS10-046 patch to abuse...
Microsoft Windows Shell LNK Code Execution
This module exploits a vulnerability in the MS10-046 patch to abuse again the handling of Windows Shortcut files .LNK that contain an icon resource pointing to a malicious DLL. This module creates the required files to exploit the vulnerability. They must be uploaded to an UNC path accessible by...
Microsoft Windows - Text Services Memory Corruption (MS15-020)
Microsoft Windows - Text Services Memory Corruption MS15-020 Application: Microsoft Windows Text Services memory corruption. Platforms: Windows Versions: list. Microsoft: MS15-020 Secunia: SA63220 PRL: 2015-03 Author: Francis Provencher Protek Research Lab’s Website:...
Microsoft Windows - Text Services Memory Corruption (MS15-020)
Application: Microsoft Windows Text Services memory corruption. Platforms: Windows Versions: list. Microsoft: MS15-020 Secunia: SA63220 PRL: 2015-03 Author: Francis Provencher Protek Research Lab’s Website: http://www.protekresearchlab.com/ Twitter: @ProtekResearch 1 Introduction 2 Report Timelin...
MS15-020: Vulnerabilities in Windows could allow remote code execution: March 10, 2015
Resolves vulnerabilities in Windows that could allow remote code execution if an attacker successfully convinces a user to browse to a specially crafted website or working directory.SummaryThis security update resolves vulnerabilities in Microsoft Windows. The vulnerabilities could allow remote...
STRUTS2 S2-0 2 0 patch bypass vulnerability-vulnerability warning-the black bar safety net
0×0 0 background Security researchers noted that the Apache Struts2 vulnerability Bulletin S2-0 2 0, in process repair CVE-2 0 1 4-0 0 9 4 bug fixes program vulnerability exists, resulting patch is completely bypassed. 0×0 1 Analysis Struts2 S2-0 2 0 was added .\.|^ class\.. to filter action...
大汉版通JACT系统存在s2-020
简要描述: struts2补丁不及时。 详细说明: 大汉版通JACT系统使用的struts2存在s2-020漏洞,该漏洞在一定条件会为系统带来较大安全风险。例如当系统部署在Tomcat下时,class.classLoader.resources.dirContext.docBase可被任意赋值从而导致网站不可用或者文件下载等,如果Tomcat是运行在windows系统下则还可能造成远程代码执行。更多内容参考:http://drops.wooyun.org/papers/1377 PS:附送任意文件下载一枚:...
Mandriva Linux Security Advisory : x11-server (MDVSA-2014:020)
Updated x11-server package fixes security vulnerability : Bryan Quigley discovered an integer underflow in the Xorg X server which could lead to denial of service or the execution of arbitrary code CVE-2013-6424. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and packag...
Microsoft SMB Response Parsing Memory Corruption (MS10-020; CVE-2010-0476) - High Confidence
A remote code execution vulnerability has been reported in the Microsoft Windows Server Message Block SMB client implementation...
Microsoft OLE Automation Remote Code Execution Vulnerability (2802968)
This host is missing a critical security update according to Microsoft Bulletin MS13-020. OpenVAS Vulnerability Test $Id: secpodms13-020.nasl 5346 2017-02-19 08:43:11Z cfi $ Microsoft OLE Automation Remote Code Execution Vulnerability 2802968 Authors: Antu Sanadi Copyright: Copyright c 2013 SecPo...