CodoForum 3.3.1 - Multiple SQL Injections
CodoForum 3.3.1: Multiple SQL Injection Vulnerabilities Security Advisory – Curesec Research Team http://blog.curesec.com/article/blog/CodoForum-331-Multiple-SQL-Injection-Vulnerabilities-42.html 1. Introduction Affected Product: CodoForum 3.3.1 Fixed in:...
ModX Revolution 2.3.5-pl Cross Site Scripting
ModX Revolution 2.3.5-pl: Reflected Cross Site Scripting Vulnerability Security Advisory – Curesec Research Team 1. Introduction Affected Product: ModX Revolution 2.3.5-pl Fixed in: not fixed Fixed Version Link: n/a Vendor Contact: [email protected] Vulnerability Type: Reflected XSS Remote...
Schneider Electric Modicon M340 PLC Station P34 Module HMI Vulnerabilities
Update Vulnerabilities in Schneider Electric SCADA gear remain unpatched close to two weeks after they were disclosed during DEF CON. The Industrial Control System Cyber Emergency Response Team ICS-CERT released an alert late last week and patches are currently being validated according to ICS-CE...
Updated gdk-pixbuf2.0 package fixes security vulnerability
Security researcher Gustavo Grieco reported a heap overflow in gdk-pixbuf. This issue is triggered by the scaling of a malformed bitmap format image and results in a potentially exploitable crash CVE-2015-4491...
McAfee Application Control Denial of Service Vulnerability
McAfee Application Control is a suite of program control software from the U.S.-based company McAfee. The software protects enterprise servers and endpoints from unauthorized applications and malware threats by using a dynamic trust model. A denial of service vulnerability exists in McAfee...
Shopify - Persistent Embed POST Inject Vulnerability
Document Title: =============== Shopify - Persistent Embed POST Inject Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1556 Video View: https://www.youtube.com/watch?v=5qiJ4UjJtQ Release Date: ============= 2015-08-13 Vulnerability Laboratory ID VL-ID:...
Integer overflows in libstagefright while processing MP4 video metadata — Mozilla
Security researcher Joshua Drake reported potential integer overflows in the libstagefright library while processing video sample metadata in MPEG4 video files. This can lead to a potentially exploitable crash...
Heap overflow in gdk-pixbuf when scaling bitmap images — Mozilla
Security researcher Gustavo Grieco reported a heap overflow in gdk-pixbuf affecting Linux systems using Gnome. This issue is triggered by the scaling of a malformed bitmap format image and results in a potentially exploitable crash...
Use-after-free in MediaStream playback — Mozilla
Security researcher SkyLined reported a use-after-free issue in how audio is handled through the Web Audio API during MediaStream playback through interactions with the Web Audio API. This results in a potentially exploitable crash...
Out-of-bounds write with Updater and malicious MAR file — Mozilla
Security researcher Holger Fuhrmannek reported that if the Updater opens a MAR format file with a specially crafted name, an out-of-bounds write will occur. This can lead to a potentially exploitable crash but requires that the malicious MAR format file be present on the local system and the...
Out-of-bounds read with malformed MP3 file — Mozilla
Security researcher Aki Helin used the Address Sanitizer tool to discover an out-of-bounds read during playback of a malformed MP3 format audio file which switches sample formats. This could trigger a potentially exploitable crash or the reading of out-of-bounds memory content in some circumstanc...
BigTree CMS 4.2.3 Cross Site Scripting
BigTree CMS 4.2.3: Multiple Cross Site Scripting Vulnerabilities Security Advisory – Curesec Research Team Online Reference: http://blog.curesec.com/article/blog/BigTree-CMS-423-Multiple-Cross-Site-Scripting-Vulnerabilities-38.html 1. Introduction Affected Product: BigTree CMS 4.2.3 Fixed in: 4.2...
Tomabo MP4 Player 3.11.3 SEH Buffer Overflow
!/usr/bin/python Exploit Title: Tomabo MP4 Player 3.11.3 - .m3u SEH Buffer Overflow Date: 03/08/2015 Exploit Author: Saeid Atabaki E-Mail: bytecod3r gmail.com, saeid Nsecurity.org Linkedin: https://www.linkedin.com/in/saeidatabaki Vendor Homepage: http://tomabo.com/mp4-player/index.html Version:...
Xceedium Xsuite - Multiple Vulnerabilities
See also: http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt modzero Security Advisory: Multiple Vulnerabilities in Xceedium Xsuite MZ-15-02...
Apple iTunes & AppStore - Persistent Store Vulnerability
Document Title: =============== Apple iTunes & AppStore - Persistent Store Vulnerability References: =========== http://www.vulnerability-lab.com/getcontent.php?id=1517 Video View: https://www.youtube.com/watch?v=iPvmrFgvpDQ Advisory: http://www.vulnerability-lab.com/getcontent.php?id=1512 Releas...
Xceedium Xsuite Command Injection / XSS / Traversal / Escalation Vulnerabilities
Xceedium Xsuite versions 2.3.0 and 2.4.3.0 suffer from command injection, cross site scripting, directory traversal, hard-coded credential, and privilege escalation vulnerabilities. Multiple Vulnerabilities in Xceedium Xsuite MZ-15-02...
Xceedium Xsuite Command Injection / XSS / Traversal / Escalation
See also: http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt modzero Security Advisory: Multiple Vulnerabilities in Xceedium Xsuite MZ-15-02...
SAP HANA hdbindexserver - Memory corruption
Application: SAP HANA Versions Affected: SAP HANA 1.00.095 Vendor URL: http://www.sap.com Bugs: RCE, Memory corruption Reported: 17.07.2015 Vendor response: 18.07.2015 Date of Public Advisory: 13.10.2015 Reference: SAP Security Note 2197428 Authors: Mathieu Geli ERPScan VULNERABILITY INFORMATION...
KLA10626 Code execution vulnerability in Adobe Flash Player
Use-after-free and memory corruption vulnerabilities were found in Adobe Flash Player. By exploiting these vulnerabilities, malicious users can execute arbitrary code. These vulnerabilities can be exploited remotely via unknown vectors. Original advisories Adobe advisory Exploitation Public...
CVE-2015-3442 Authentication Bypass in Xpert.Line Version 3.0
COMPASS SECURITY ADVISORY http://www.csnc.ch/en/downloads/advisories.html Product: Xpert.Line Vendor: Soreco AG 1 CVE ID: CVE-2015-3442 Subject: Authentication Bypass Risk: Critical Effect: Remotely exploitable Authors: Alessandro Zala [email protected] Andreas Hunkeler...