
546 matches found

UbuntuCve
added 2018/03/14 12:0 a.m. | 20 views

CVE-2018-5133

If the "app.support.baseURL" preference is changed by a malicious local program to contain HTML and script content, this content is not sanitized. It will be executed if a user loads "chrome://browser/content/preferences/in-content/preferences.xul" directly in a tab and executes a search. This...

CVSS 6.5 | AI score 6.9 | EPSS 0.01541
Exploits: 0 | References: 3

Microsoft CVE
added 2017/09/12 7:0 a.m. | 28 views

Internet Explorer Spoofing Vulnerability

A spoofing vulnerability exists when Internet Explorer improperly handles specific HTML content. An attacker who successfully exploited this vulnerability could trick a user into believing that the user was visiting a legitimate website. The specially crafted website could either spoof content or...

CVSS 4.3 | AI score 1.2 | EPSS 0.05155
Exploits: 0

Exploit DB
added 2017/07/30 12:0 a.m. | 53 views

McAfee Security Scan Plus - Remote Command Execution

Vulnerability Summary The following advisory describes a Remote Code Execution found in McAfee Security Scan Plus. An active network attacker could launch a man-in-the-middle attack on a plaintext-HTTP response to a client to run any residing executables with privileges of a logged in user. McAfe...

CVSS 9.8 | AI score 7 | EPSS 0.11679
Exploits: 2

ThreatPost
added 2016/10/20 2:12 p.m. | 13 views

iCloud Phishing Campaign Zycode Back From the Dead

A phishing campaign aimed at Chinese Apple users that was thought to be in hibernation has been roused from its slumber. Researchers in June spotted the campaign, dubbed Zycode, targeting Apple iCloud users. A rash of suspended domains that month led to a lull for the campaign however; researcher...

AI score 6.8
Exploits: 0 | References: 5

Hacker One
added 2016/10/11 7:59 a.m. | 347 views

Nextcloud: URI scheme bypass in mail app lead to HTML content spoof and opener control

Bug When we load a HTML mail from mailbox via api, etc http://nextcloud/index.php/apps/mail/accounts//folders/SU5CT1g=/messages//html Our content will be passed to HTML Purifier to strip malicious XSS patterns. After that, a filter will apply to transform acceptable URI schemes http, https, ftp,...

Exploits: 0

Microsoft KB
added 2016/07/12 7:0 a.m. | 103 views

MS16-088: Description of the security update for Excel 2016: July 12, 2016

MS16-088: Description of the security update for Excel 2016: July 12, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft...

CVSS 9.3 | AI score 7.3 | EPSS 0.19641
Exploits: 0

Zero Day Initiative
added 2016/03/08 12:0 a.m. | 28 views

Microsoft Edge GetLineBoxForReuse Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Edge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The vulnerability relates to how Microsoft Edge...

CVSS 6.8 | AI score 2.3 | EPSS 0.16644
Exploits: 0 | References: 1

Tenable Nessus
added 2015/11/10 12:0 a.m. | 97 views

MS15-116: Security Updates for Microsoft Office to Address Remote Code Execution (3104540) (Mac OS X)

The version of Microsoft Office installed on the remote Mac OS X host is affected by multiple vulnerabilities: - Multiple remote code execution vulnerabilities exist due to improper handling of objects in memory. A remote attacker can exploit these vulnerabilities by convincing a user to open a...

CVSS 9.3 | AI score 6.7 | EPSS 0.35638
Exploits: 0 | References: 4

Metasploit
added 2015/07/02 8:29 p.m. | 82 views

HTTP Client Automatic Exploiter 2 (Browser Autopwn)

This module will automatically serve browser exploits. Here are the options you can configure: The INCLUDEPATTERN option allows you to specify the kind of exploits to be loaded. For example, if you wish to load just Adobe Flash exploits, then you can set Include to 'adobeflash'. The EXCLUDEPATTER...

AI score 6.7
Exploits: 0

Metasploit
added 2015/05/28 8:39 p.m. | 21 views

ColdFusion Version Scanner

This module attempts to identify various flavors of ColdFusion up to version 10 as well as the underlying OS. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'ColdFusion Version Scanner',...

AI score 7.3
Exploits: 0

RedHat Linux
added 2015/05/14 3:14 p.m. | 2 views

CXF: HTML content posted to SOAP endpoint could cause OOM errors

A denial of service flaw was found in the way Apache CXF created error messages for certain POST requests. A remote attacker could send a specially crafted request which, when processed by an application using Apache CXF, could consume an excessive amount of memory on the system, possibly...

CVSS 4.3 | AI score 7.4 | EPSS 0.03644
Exploits: 0 | References: 4

Zero Day Initiative
added 2015/04/29 12:0 a.m. | 29 views

(Mobile Pwn2Own) Amazon App Store HTTPS Downgrade Vulnerability

This vulnerability allows remote attackers to transmit unencrypted traffic on the Amazon App Store. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. All the HTML content within the Amazon App Store is transmitted...

CVSS 7.5 | AI score 6.6
Exploits: 0

RedHat Linux
added 2015/04/16 4:2 p.m. | 4 views

CXF: HTML content posted to SOAP endpoint could cause OOM errors

A denial of service flaw was found in the way Apache CXF created error messages for certain POST requests. A remote attacker could send a specially crafted request which, when processed by an application using Apache CXF, could consume an excessive amount of memory on the system, possibly...

CVSS 4.3 | AI score 7.4 | EPSS 0.03644
Exploits: 0 | References: 4

RedHat Linux
added 2015/04/16 4:2 p.m. | 40 views

Important: Red Hat Security Advisory: Red Hat JBoss BRMS 6.1.0 update

Red Hat JBoss BRMS 6.1.0, which fixes multiple security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System (CVSS) base scores,...

CVSS 7.5 | AI score 6.6 | EPSS 0.09254
Exploits: 1 | References: 19

RedHat Linux
added 2014/10/01 6:10 p.m. | 5 views

CXF: HTML content posted to SOAP endpoint could cause OOM errors

A denial of service flaw was found in the way Apache CXF created error messages for certain POST requests. A remote attacker could send a specially crafted request which, when processed by an application using Apache CXF, could consume an excessive amount of memory on the system, possibly...

CVSS 4.3 | AI score 7.4 | EPSS 0.03644
Exploits: 0 | References: 4

NVD
added 2014/09/15 2:55 p.m. | 22 views

CVE-2014-6392

Cross-site scripting (XSS) vulnerability in the Facebook app 14.0 and the Facebook Messenger app 10.0 for iOS allows remote attackers to inject arbitrary web script or HTML via a crafted filename extension that is improperly handled during MIME sniffing of chat traffic. NOTE: the vendor disputes th...

CVSS 4.3 | AI score 5.5 | EPSS 0.00942
Exploits: 0 | References: 1

RedHat Linux
added 2014/09/11 8:16 p.m. | 38 views

Important: Red Hat Security Advisory: spacewalk-java security update

Updated spacewalk-java packages that fix one security issue are now available for Red Hat Satellite 5.4, 5.5, and 5.6. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating,...

CVSS 4.3 | AI score 5.8 | EPSS 0.01759
Exploits: 0 | References: 2

seebug.org
added 2014/08/20 12:0 a.m. | 66 views

Firefox toString console.time Privileged Javascript Injection

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex/exploitation/jsobfu' class Metasploit3 Msf::Exploit::Remote Rank = ExcellentRanking include...

CVSS 10 | AI score 8.3 | EPSS 0.40381
Exploits: 13

CERT
added 2014/07/28 12:0 a.m. | 38 views

Silver Peak VX is vulnerable to cross-site request forgery and cross-site scripting

Overview Silver Peak VX version 6.2.2.047968 is vulnerable to cross-site request forgery and cross-site scripting. Description CWE-352: Cross-Site Request Forgery (CSRF) - CVE-2014-2974 Silver Peak VX version 6.2.2.047968 contains a cross-site request forgery vulnerability in /php/useraccount.php...

CVSS 6.8 | AI score 7.8 | EPSS 0.01687
Exploits: 0 | References: 3

seebug.org
added 2014/07/01 12:0 a.m. | 11 views

Microsoft Internet Explorer 6.0 Nested OBJECT Tag Memory Corruption Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/17658/info Microsoft Internet Explorer is prone to a memory-corruption vulnerability. This issue is due to a flaw in the application in handling nested OBJECT tags in HTML content. An attacker could exploit this issue via...

AI score 7.1
Exploits: 0