Firefox 36 Arrives With Patches For Three Critical Flaws

Mozilla has patched 16 security vulnerabilities in Firefox, including three critical flaws in the browser. One of the critical vulnerabilities patched with the release of Firefox 36 is a buffer overflow in the libstagefright library that can be exploitable under some circumstances. “Security...

Buffer overflow during CSS restyling — Mozilla

Security researcher Atte Kettunen used the Address Sanitizer tool to discover an out-of-bounds read during the application of restyling and reflowing changes of web content using CSS. This results in a potentially exploitable crash...

Use-after-free in IndexedDB — Mozilla

Security researcher Paul Bandha used the used the Address Sanitizer tool to discover a use-after-free vulnerability when running specific web content with IndexedDB to create an index. This leads to a potentially exploitable crash...

Double-free when using non-default memory allocators with a zero-length XHR — Mozilla

Security researcher Abhishek Arya Inferno of the Google Chrome Security Team and Mozilla security developer Gary Kwong used the Address Sanitizer tool to discover a double-free error when sending a zero-length XmlHttpRequest XHR. This was due to errors in memory allocation when using different...

Buffer overflow in libstagefright during MP4 video playback — Mozilla

Security researcher Pantrombka reported a buffer overflow in the libstagefright library during video playback when certain invalid MP4 video files led to the allocation of a buffer that was too small for the content. This led to a potentially exploitable crash...

EasyCart <= 3.0.15 - Unrestricted File Upload

In versions = 3.0.8 this can be exploited by authenticating as any WordPress user, and in versions 3.0.9 - 3.0.15 can be exploited by passing a valid password hash being used by any admin in the EasyCart user system...

[AMPLIA-ARA100614] OS X Gatekeeper Bypass Vulnerability

OS X Gatekeeper Bypass Vulnerability Amplia Security - Amplia Security Research Advisory AMPLIA-ARA100614 Advisory ID: AMPLIA-ARA100614 Advisory URL: http://www.ampliasecurity.com/advisories/os-x-gatekeeper-bypass-vulnerability.html, http://www.ampliasecurity.com/advisories/AMPLIA-ARA100614.txt...

Android Wi-Fi Direct Vulnerability Disclosed

Google and Core Security are at odds over the severity of a vulnerability affecting a number of Android mobile devices, details of which were released by the security vendor today. The issue was reported to the Android security team on Sept. 26 and in subsequent communication between the two...

Android WiFi-Direct - Denial of Service

Android WiFi-Direct - Denial of Service Core Security - Corelabs Advisory http://corelabs.coresecurity.com/ Android WiFi-Direct Denial of Service 1. Advisory Information Title: Android WiFi-Direct Denial of Service Advisory ID: CORE-2015-0002 Advisory URL:...

REWTERZ-20140102 - ManageEngine ServiceDesk Plus User Enumeration Vulnerability

================================================================================ REWTERZ-20140102 - Rewterz - Security Advisory ================================================================================ Title: ManageEngine ServiceDesk Plus User Enumeration Vulnerability Product: ServiceDesk...

ManageEngine ServiceDesk Plus 9.0 Privilege Escalation Vulnerability

ManageEngine ServiceDesk Plus version 9.0 prior to build 9031 suffers from a remote privilege escalation vulnerability due to improper access controls. Title: ManageEngine ServiceDesk Plus User Privileges Management Vulnerability Product: ServiceDesk Plus http://www.manageengine.com/ Affected...

ManageEngine ServiceDesk 9.0 SQL Injection

================================================================================ REWTERZ-20140101 - Rewterz - Security Advisory ================================================================================ Title: ManageEngine ServiceDesk SQL Injection Vulnerability Product: ServiceDesk Plus...

SOL16010 - GNU C Library (glibc) vulnerability CVE-2014-7817

These versions of BIG-IP, BIG-IQ, and Enterprise Manager have a vulnerable version of glibc code. However, the risk level for this vulnerability is considered LOW because F5 product development has verified that the vulnerable code is NOT used in a way that would make an exploit possible. These...

http-shellshock NSE Script

Attempts to exploit the "shellshock" vulnerability CVE-2014-6271 and CVE-2014-7169 in web applications. To detect this vulnerability the script executes a command that prints a random string and then attempts to find it inside the response body. Web apps that don't print back information won't be...

Alienvault OSSIM/USM 4.14.X Command Execution Vulnerability

Alienvault OSSIM/USM versions 4.14.x and below suffer from a remote command execution vulnerability. Proof of concept included. Details ======= Product: Alienvault OSSIM/USM Vulnerability: Command Execution Author: Peter Lapp, email protected CVE: None assigned Vulnerable Versions: =4.14.X Fixed...

SeaMonkey < 2.32 Vulnerability

The version of SeaMonkey installed on the remote host is prior to 2.32. It is, therefore, affected by the following vulnerabilities : - Multiple unspecified memory safety issues exist within the browser engine. CVE-2014-8634, CVE-2014-8635 - A flaw exists where DOM objects with some specific...

Google Engineers Critical Aviator Browser Privacy, Security

Within hours on Thursday of WhiteHat Security releasing its Aviator browser to open source, a remote code execution vulnerability was disclosed, along with a handful of other coding issues that Google security engineers said jeopardized the security and privacy of Aviator’s users. Google’s public...

CVE-2014-2025 Remote Code Execution &#40;RCE&#41; in &quot;Intrexx Professional&quot;

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 CVE-2014-2025 =================== "Remote Code Execution RCE via Unrestricted File Upload" CWE-434 vulnerability in "Intrexx Professional" product Vendor =================== United Planet GmbH Product =================== "Intrexx is an integrated...

KPPW最新版SQL注入漏洞九(全局问题导致大面积注入及总结)

简要描述： KPPW最新版SQL注入漏洞九，也是全局问题导致的大面积注入，这里申明不是在刷漏洞，因为每一个问题都很严重，都能引发很多问题... 详细说明： KPPW最新版SQL注入漏洞九，也是全局函数的问题，导致大面积注入... 文件/control/user/accountauth.php if $code&&inarray$code,$arrAllowAuth $code or $code = $keys '0'; $code or kekezu::showmsg $lang 'paramerror', "index.php?do=auth", 3, '', 'warning' ;...

Custom Websites Running HD FLV Player Plugin Vulnerable

Content management system providers Joomla and WordPress have patched a critical vulnerability in the HD FLV Player, but custom websites running the Flash video player are still vulnerable. Researchers at Sucuri disclosed this week that a separate security issue can be abused to send spam and has...