CVE-2016-6234

CVE-2016-6234 targets Dropbox Lepton 1.0. The issue is in the process_file function (lepton/jpgcoder.cc) and can be triggered by a crafted JPEG to cause a denial of service (crash). The vulnerability is documented across multiple sources (NVD, SUSE, Ubuntu, OSV, CVE list, CNVD) and described as a...

CVE-2016-6234

The processfile function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service crash via a crafted jpeg file...

CVE-2016-6235

The CVE-2016-6235 issue affects Dropbox Lepton 1.0’s setup_imginfo_jpg function in lepton/jpgcoder.cc. A crafted JPEG can trigger a segmentation fault, causing a denial of service. The vulnerability is triggered remotely via a crafted file, with the documented impact being DoS (segmentation fault...

CVE-2016-6237

The CVE-2016-6237 issue affects Dropbox Lepton 1.0, caused by the build_huffcodes function in lepton/jpgcoder.cc. A crafted JPEG file can trigger an out-of-bounds write, leading to a denial of service. Documents confirm the vulnerability mechanism and impact but do not provide exploitation status...

CVE-2016-6237

The buildhuffcodes function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause denial of service out-of-bounds write via a crafted jpeg file...

CVE-2016-6235

The setupimginfojpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service segmentation fault via a crafted jpeg file...

CVE-2016-6236

The setupimginfojpg function in lepton/jpgcoder.cc in Dropbox lepton 1.0 allows remote attackers to cause a denial of service out-of-bounds read via a crafted jpeg file...

Dropbox Paper Beta - BSD license, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Dropbox Paper Beta published at the 'play' market has multiple vulnerabilities...

acari-lib (>=0.1.1 <=0.1.8), acick (>=0.0.6 <=0.2.0-alpha.0) +1254 more potentially affected by CVE-2017-18587 via hyper (>=0.10.13 <=0.10.16)

hyper CARGO version =0.10.13, =0.1.1, =0.0.6, =0.0.7-alpha.3, =0.0.7-alpha.1, =0.1.0, =0.4.1, =0.1.0, =0.2.0, =0.0.1, =0.3.2, =0.1.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2017-18587 Source advisory: OSV:RUSTSEC-2017-0002...

A text message to let the other iPhone's Message app crashes(attached to the PoC and solution)-vulnerability warning-the black bar safety net

! The researchers said they found a can let the iPhone device, the Message application crash message, affecting iOS8-iOS 10.2.1 it. First look at the demo. Do not try so do it! If you want to test your iPhone at your own risk 1.下载文件vincedes3.com/vincedes3.vcf 2. Upload to iCloud Drive, Dropbox,...

WordPress Backup & Restore Dropbox plugin <= 1.4.7 - Authenticated Information Disclosure Vulnerability

WordPress Restore Dropbox plugin has a PHP object injection vulnerability. The plugin’s admin functions are accessible to any logged in user. Solution Update the plugin...

WordPress Restore Dropbox plugin <= 1.4.7 - PHP Object Injection Vulnerability

WordPress Restore Dropbox plugin allows a possible PHP Object Injection vulnerability in wpadmunpack function. Solution Update the plugin...

Russian Hacker Behind LinkedIn Breach also Charged with Hacking Dropbox and Formspring

The alleged Russian hacker, who was arrested by the FBI in collaboration with the Czech police, was believed to be the one responsible for massive 2012 data breach at LinkedIn, according to a statement released by LinkedIn. Now, United States authorities have officially indicted Yevgeniy...

Turkey Blocks GitHub, Google Drive and Dropbox to Censor RedHack Leaks

Turkey is again in the news for banning online services, and this time, it's a bunch of sites and services offered by big technology giants. Turkey government has reportedly blocked access to cloud storage services including Microsoft OneDrive, Dropbox, and Google Drive, as well as the code hosti...

Download: 68 Million Hacked Dropbox Accounts are Just a Click Away!

Over a month ago, The Hacker News reported about the Dropbox Hack, where hackers had managed to steal more than 68 Million Dropbox accounts in a data breach that was initially disclosed by the online cloud storage platform in 2012. Although the initial announcement failed to reveal the true scale...

Dropbox Desktop Client 9.4.49 Credential Disclosure

Dropbox Desktop Client v9.4.49 64bit Local Credentials Disclosure Tested on Windows Windows Server 2012 R2 64bit, English Vendor Homepage @ https://www.dropbox.com Date 06/09/2016 Bug Discovery by: Yakir Wizman https://www.linkedin.com/in/yakirwizman http://www.black-rose.ml Viktor Minin...

Dropbox Desktop Client 9.4.49 (x64) - Local Credentials Disclosure

Dropbox Desktop Client 9.4.49 x64 - Local Credentials Disclosure Dropbox Desktop Client v9.4.49 64bit Local Credentials Disclosure Tested on Windows Windows Server 2012 R2 64bit, English Vendor Homepage @ https://www.dropbox.com Date 06/09/2016 Bug Discovery by: Yakir Wizman...

Dropbox Desktop Client 9.4.49 (x64) - Local Credentials Disclosure

Exploit for windows platform in category local exploits Dropbox Desktop Client v9.4.49 64bit Local Credentials Disclosure Tested on Windows Windows Server 2012 R2 64bit, English Vendor Homepage @ https://www.dropbox.com Date 06/09/2016 Bug Discovery by: Yakir Wizman...

Dropbox Desktop Client 9.4.49 (x64) - Local Credentials Disclosure

Dropbox Desktop Client v9.4.49 64bit Local Credentials Disclosure Tested on Windows Windows Server 2012 R2 64bit, English Vendor Homepage @ https://www.dropbox.com Date 06/09/2016 Bug Discovery by: Yakir Wizman https://www.linkedin.com/in/yakirwizman http://www.black-rose.ml Viktor Minin...

Multiple Applications - Local Credentials Disclosure

Multiple Applications - Local Credentials Disclosure. Local exploit for Windows platform Dropbox Desktop Client v9.4.49 64bit Local Credentials Disclosure Tested on Windows Windows Server 2012 R2 64bit, English Vendor Homepage @ https://www.dropbox.com Date 06/09/2016 Bug Discovery by: Yakir Wizm...