9454 matches found

exploitpack
added 2015/09/22 12:0 a.m., 20 views

Microsoft Windows Kernel - Null Pointer Dereference with Window Station and Clipboard (MS15-061)

Microsoft Windows Kernel - Null Pointer Dereference with Window Station and Clipboard MS15-061 Source: https://code.google.com/p/google-security-research/issues/detail?id=294 Platform: Win7 32-bit. trigger.cpp should fire the issue, with a caveat - PoC might NOT work if compiled as a debug build...

0.3 AI score
Exploits: 0

0day.today
added 2015/09/22 12:0 a.m., 50 views

nevisAuth Authentication Bypass Vulnerability

nevisAuth versions since 4.13.0.0 2012-11-21 and prior to 4.18.3.1 2015-07-02 suffer from an authentication bypass vulnerability. Product: nevisAuth 1 Vendor: AdNovum 2 CVD ID: CVE-2015-5372 Subject: Authentication Bypass Risk: Critical Effect: Remotely exploitable Authors: Antoine Neuenschwander...

5 CVSS, 6.9 AI score, 0.00196 EPSS
Exploits: 1

Exploit DB
added 2015/09/22 12:0 a.m., 48 views

Microsoft Windows Kernel - Null Pointer Dereference with Window Station and Clipboard (MS15-061)

Source: https://code.google.com/p/google-security-research/issues/detail?id=294 Platform: Win7 32-bit. trigger.cpp should fire the issue, with a caveat - PoC might NOT work if compiled as a debug build. windbg.txt is a sample crash log. Analysis from Nils: --- please find attached a C trigger,...

7 AI score
Exploits: 0

Mozilla
added 2015/09/22 12:0 a.m., 58 views

Buffer overflow in libvpx while parsing vp9 format video — Mozilla

Security researcher Khalil Zhani reported that a maliciously crafted vp9 format video could be used to trigger a buffer overflow while parsing the file. This leads to a potentially exploitable crash due to a flaw in the libvpx library...

6.8 CVSS, 9.2 AI score, 0.07974 EPSS
Exploits: 0, References: 2, Affected Software: 4

Mozilla
added 2015/09/22 12:0 a.m., 41 views

Memory safety errors in libGLES in the ANGLE graphics library — Mozilla

Security researcher Ronald Crane reported two issues in the libGLES portions of the ANGLE graphics library, used for WebGL and OpenGL content on Windows systems. The first of these is a missing bounds check leading to memory safety errors when manipulating shaders which could result in the writin...

7.5 CVSS, 6.7 AI score, 0.02408 EPSS
Exploits: 0, References: 4, Affected Software: 4

Mozilla
added 2015/09/22 12:0 a.m., 39 views

Buffer overflow while decoding WebM video — Mozilla

Using the Address Sanitizer tool, security researcher Atte Kettunen discovered a buffer overflow in the nestegg library when decoding a WebM format video with maliciously formatted headers. This leads to a potentially exploitable crash...

6.8 CVSS, 9.3 AI score, 0.0396 EPSS
Exploits: 0, References: 2, Affected Software: 4

exploitpack
added 2015/09/22 12:0 a.m., 11 views

Kaspersky AntiVirus - CHM Parsing Stack Buffer Overflow

Kaspersky AntiVirus - CHM Parsing Stack Buffer Overflow Source: https://code.google.com/p/google-security-research/issues/detail?id=524 Fuzzing CHM files with Kaspersky Antivirus produced the attached crash. 83c.fec: Access violation - code c0000005 first chance First chance exceptions are report...

0.8 AI score
Exploits: 0

Exploit DB
added 2015/09/22 12:0 a.m., 27 views

Kaspersky AntiVirus - CHM Parsing Stack Buffer Overflow

Source: https://code.google.com/p/google-security-research/issues/detail?id=524 Fuzzing CHM files with Kaspersky Antivirus produced the attached crash. 83c.fec: Access violation - code c0000005 first chance First chance exceptions are reported before any exception handling. This exception may be...

7.4 AI score
Exploits: 0

Packet Storm
added 2015/09/21 12:0 a.m., 37 views

ADH-Web IP Camera Access Bypass

Advisory Information Title: ADH-Web Server IP-Cameras Improper Access Restrictions Date published: 2015-09-19 Date of last update: 2015-09-19 Vendors contacted: ADH-Web Author: Glaysson dos Santos Release mode: User release 2. Vulnerability Information Class: Information Exposure CWE-200 Impact:...

0.5 AI score
Exploits: 0

Exploit DB
added 2015/09/20 12:0 a.m., 52 views

ADH-Web Server IP-Cameras - Multiple Vulnerabilities

Advisory Information Title: ADH-Web Server IP-Cameras Improper Access Restrictions EDB-ID: 38245 Advisory ID: OLSA-2015-0919 Advisory URL: http://www.orwelllabs.com/2015/10/adh-web-server-ip-cameras-improper.html Date published: 2015-09-19 Date of last update: 2016-02-15 Vendors contacted:...

7.4 AI score
Exploits: 0

0day.today
added 2015/09/18 12:0 a.m., 25 views

ZeusCart 4.0 - SQL Injection / CSRF Vulnerability

Exploit for php platform in category web applications ZeusCart 4.0: SQL Injection Security Advisory – Curesec Research Team 1. Introduction Affected Product: ZeusCart 4.0 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: email protected Vulnerability Type: SQL Injection Remote...

7.1 AI score
Exploits: 0

exploitpack
added 2015/09/17 12:0 a.m., 16 views

ZeusCart 4.0 - Cross-Site Request Forgery

ZeusCart 4.0 - Cross-Site Request Forgery ZeusCart 4.0: CSRF Security Advisory – Curesec Research Team 1. Introduction Affected Product: ZeusCart 4.0 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendo...

0.6 AI score
Exploits: 0

exploitpack
added 2015/09/17 12:0 a.m., 17 views

ZeusCart 4.0 - SQL Injection

ZeusCart 4.0 - SQL Injection ZeusCart 4.0: SQL Injection Security Advisory – Curesec Research Team 1. Introduction Affected Product: ZeusCart 4.0 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to...

0.1 AI score
Exploits: 0

Exploit DB
added 2015/09/17 12:0 a.m., 25 views

ZeusCart 4.0 - SQL Injection

ZeusCart 4.0: SQL Injection Security Advisory – Curesec Research Team 1. Introduction Affected Product: ZeusCart 4.0 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor: 08/13/2015 Disclosed ...

7.4 AI score
Exploits: 0

Packet Storm
added 2015/09/16 12:0 a.m., 24 views

ZeusCart 4.0 SQL Injection

ZeusCart 4.0: SQL Injection Security Advisory – Curesec Research Team 1. Introduction Affected Product: ZeusCart 4.0 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: SQL Injection Remote Exploitable: Yes Reported to vendor: 08/13/2015 Disclosed ...

0.1 AI score
Exploits: 0

Packet Storm
added 2015/09/16 12:0 a.m., 18 views

ZeusCart 4.0 Cross Site Request Forgery

ZeusCart 4.0: CSRF Security Advisory – Curesec Research Team 1. Introduction Affected Product: ZeusCart 4.0 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: CSRF Remote Exploitable: Yes Reported to vendor: 08/13/2015 Disclosed to public:...

0.5 AI score
Exploits: 0

Packet Storm
added 2015/09/16 12:0 a.m., 29 views

ZeusCart 4.0 Code Execution

ZeusCart 4.0: Code Execution Security Advisory – Curesec Research Team 1. Introduction Affected Product: ZeusCart 4.0 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: Code Execution Remote Exploitable: Yes Reported to vendor: 08/13/2015 Disclose...

7.4 AI score
Exploits: 0

Packet Storm
added 2015/09/16 12:0 a.m., 17 views

ZeusCart 4.0 Cross Site Scripting

ZeusCart 4.0: XSS Security Advisory – Curesec Research Team 1. Introduction Affected Product: ZeusCart 4.0 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: XSS Remote Exploitable: Yes Reported to vendor: 08/13/2015 Disclosed to public: 09/14/201...

7.4 AI score
Exploits: 0

Packet Storm
added 2015/09/16 12:0 a.m., 21 views

Zen Cart 1.5.4 Code Execution / Information Disclosure

Zen Cart 1.5.4: Code Execution and Information Leak Security Advisory – Curesec Research Team 1. Introduction Affected Product: Zen Cart 1.5.4 Fixed in: partial fix via patch Partial Patch Link: https://www.zen-cart.com/showthread.php?218239-curesec-security-report-Patch-Included Vendor Contact:...

7.4 AI score
Exploits: 0

Packet Storm
added 2015/09/16 12:0 a.m., 49 views

Anchor CMS 0.9.2 Cross Site Scripting / Open Redirect

Anchor CMS 0.9.2: XSS Security Advisory – Curesec Research Team 1. Introduction Affected Product: Anchor CMS 0.9.2 Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: Website: http://anchorcms.com/ Vulnerability Type: XSS and Open Redirect Remote Exploitable: Yes Reported to vendor:...

0.2 AI score
Exploits: 0