130 matches found
Ubuntu 16.04 LTS / 18.04 LTS : Firefox vulnerabilities (USN-3918-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3918-1 advisory. Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could...
CVE-2019-3918
The CVE-2019-3918 entry concerns the Alcatel Lucent I-240W-Q GPON ONT with firmware 3FE54567BOZJ19, which contains multiple hard coded credentials for Telnet and SSH interfaces. The vulnerability is supported by multiple sources: NVD details show a network-facing issue with high impact (C/H/I/A) ...
CVE-2019-3918
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 contains multiple hard coded credentials for the Telnet and SSH interfaces...
Samsung SmartThings Hub hubCore port 39500 sync denial-of-service vulnerability(CVE-2018-3918)
Summary An exploitable vulnerability exists in the remote servers of Samsung SmartThings Hub. The hubCore process listens on port 39500 and relays any unauthenticated messages to SmartThings' remote servers, which incorrectly handle camera IDs for the "sync" operation, leading to arbitrary deleti...
Debian DSA-3918-1 : icedove - security update
Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. Debian follows the extended support releases ESR of Thunderbird. Support for the 45.x series has ended, so starting with this update we're now following the 52.x...
Debian Security Advisory DSA 3918-1 (icedove - security update)
Multiple security issues have been found in Thunderbird, which may lead to the execution of arbitrary code or denial of service. Debian follows the extended support releases ESR of Thunderbird. Support for the 45.x series has ended, so starting with this update we OpenVAS Vulnerability Test $Id:...
A vulnerability leak in your mailbox all the secrets-vulnerability warning-the black bar safety net
Google recently announced a 2 0 1 6 years 1 0 months of Nexus Security Bulletin, which includes a 3 6 0 mobile Guard Alpha teamAlpha Teamto submit e-mail information disclosure Vulnerability, CVE-2 0 1 6-3 9 1 8, The Google of this vulnerability is rated high risk level. The vulnerability can lea...
CVE-2 0 1 6-3 9 1 8: the e-mail information disclosure vulnerability analysis-vulnerability warning-the black bar safety net
Google recently announced a 2 0 1 6 years 1 0 months of Nexus Security Bulletin, which includes a 3 6 0 mobile Guard Alpha teamAlpha Teamto submit e-mail information disclosure Vulnerability, CVE-2 0 1 6-3 9 1 8, The Google of this vulnerability is rated high risk level. The vulnerability can lea...
CVE-2016-3918
CVE-2016-3918 affects AOSP Mail’s email/provider/AttachmentProvider.java. The issue arises in Android versions 4.x up to 4.4.4, 5.0.x up to 5.0.2, 5.1.x up to 5.1.1, 6.x up to 2016-10-01, and 7.0 up to 2016-10-01, where certain values are not validated as integers, enabling a local attacker to re...
F5 Networks BIG-IP : Apache HTTP Expect header handling (SOL6669)
The remote BIG-IP device is missing a patch required by a security advisory. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5 Networks BIG-IP Solution SOL6669. The text description of this plugin is C F5 Networks...
Oracle HTTP Server - XSS Header Injection
No description provided by source. --------------------------------------------------------------------------------------------------------- Oracle HTTP Server XSS Header Injection --------------------------------------------------------------------------------------------------------- Attack...
Android Zygote - Socket Vulnerability Fork bomb Attack
No description provided by source. BootReceiver.java / Android Application that performs the fork bomb attack http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2011-3918 Further informations can be found at http://www.ai-lab.it/bugAndroid/bugAndroid.html @author Luca Verderame...
CVE-2012-3918
Cisco IOS
MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 "MS13-090 CardSpaceClaimCollection ActiveX Integer Underflow", 'Description' = %q This module exploits a vulnerability on the...
Immunity Canvas: IE_CARDSPACECLAIMCOLLECTION
Name| iecardspaceclaimcollection ---|--- CVE| CVE-2013-3918 Exploit Pack| CANVAS Description| iecardspaceclaimcollection Notes| CVE Name: CVE-2013-3918 VENDOR: Microsoft NOTES: - This exploits leaks a vtable pointer of a CTable object in order to bypass ASLR - We also leak the shellcode's address...
Technical details of the targeted attack using IE vulnerability CVE-2013-3918
Over the weekend we became aware of an active attack relying on an unknown remote code execution vulnerability of a legacy ActiveX component used by Internet Explorer. We are releasing this blog to confirm one more time that the code execution vulnerability will be fixed in today’s UpdateTuesday...
CVE-2013-3918
CVE-2013-3918 is an out-of-bounds write vulnerability in the InformationCardSigninHelper Class ActiveX control (icardie.dll) used by Internet Explorer. The flaw exists when the ActiveX control is instantiated via a crafted webpage, enabling remote code execution with the current user’s privileges...
Microsoft Windows InformationCardSigninHelper Class ActiveX Control Code Execution (MS13-090; CVE-2013-3918)
A remote code execution vulnerability exists in the InformationCardSigninHelper Class ActiveX control, icardie.dll...
ActiveX Control issue being addressed in Update Tuesday
Late last Friday, November 8, 2013, a vulnerability, CVE-2013-3918, affecting an Internet Explorer ActiveX Control was publically disclosed. We have confirmed that this vulnerability is an issue already scheduled to be addressed in “Bulletin 3”, which will be released as MS13-090, as listed in th...
CVE-2013-3918
creationtimestamp| type| source ---|---|--- 2013-11-11 07:00:00+00:00| seen| https://msrc.microsoft.com/blog/2013/11/activex-control-issue-being-addressed-in-update-tuesday/ 2013-11-12 07:00:00+00:00| seen|...