OpenJDK: PKCS#8 implementation timing attack (JCE, 8176760)
A covert timing channel flaw was found in the PKCS8 implementation in the JCE component of OpenJDK. A remote attacker able to make a Java application repeatedly compare a PKCS8 key against an attacker-controlled value could possibly use this flaw to determine the key via a timing side channel...
DEBIAN-CVE-2017-5361
Request Tracker RT 4.x before 4.0.25, 4.2.x before 4.2.14, and 4.4.x before 4.4.2 does not use a constant-time comparison algorithm for secrets, which makes it easier for remote attackers to obtain sensitive user password information via a timing side-channel attack...
Magento CMS Predictable Random Number Generation Vulnerability
Magento CMS is an open source PHP e-commerce content management system (CMS) from the United States company Magento. A predictable random number generation vulnerability exists in Magento CMS. Attackers can exploit this vulnerability to predict random numbers and infer passwords...
Out-of-bound read while computing an oscillator rendering range in Web Audio — Mozilla
Security researcher Holger Fuhrmannek used the Address Sanitizer tool to discover an out-of-bound read while computing an oscillator rendering range in Web Audio. This could allow an attacker to infer the contents of four bytes of memory...
Researchers hijack the Gmail application with a 92% success rate
You download a wallpaper application from a third-party site. It does not require any permissions, so you figure it won't be a malicious application. But researchers at the University of California, Riverside published a study (PDF) showing that an app that does not require any permission can also steal you...
TCP Off Path Sequence Number Inference
An Internet connection hijack vulnerability has been reported in network devices...
SSL/TLS: CBC padding timing attack (lucky-13)
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...
Mozilla: Miscellaneous memory safety hazards (rv:13.0/ rv:10.0.5) (MFSA 2012-34)
jsinfer.cpp in Mozilla Firefox ESR 10.x before 10.0.5 and Thunderbird ESR 10.x before 10.0.5 does not properly determine data types, which allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via crafted JavaScript code...
mount.cifs - chdir() Arbitrary Root File Identification
mount.cifs - chdir Arbitrary Root File Identification. Blueliv Advisory 2012-004 - Discovered by: Jesus Olmos Gonzalez at Blueliv - Risk: 5/5 - Impact: 1/5. 1. VULNERABILITY: linux privileged and arbitrary chdir, this leads to an arbitrary file identification as root. 2...
FreeBSD : Mozilla -- multiple vulnerabilities (1fade8a3-e9e8-11e0-9580-4061862b8c22)
The Mozilla Project reports : MFSA 2011-36 Miscellaneous memory safety hazards rv:7.0 / rv:1.9.2.23 MFSA 2011-37 Integer underflow when using JavaScript RegExp MFSA 2011-38 XSS via plugins and shadowed window.location object MFSA 2011-39 Defense against multiple Location headers due to CRLF...
Inferring keystrokes from motion data — Mozilla
University of California, Davis researchers Liang Cai and Hao Chen presented a paper at the 2011 USENIX HotSec workshop on inferring keystrokes from device motion data on mobile devices. Web pages can now receive data similar to the apps studied in that paper and likely present a similar risk. We...
Mozilla -- multiple vulnerabilities
The Mozilla Project reports: MFSA 2011-36 Miscellaneous memory safety hazards rv:7.0 / rv:1.9.2.23 MFSA 2011-37 Integer underflow when using JavaScript RegExp MFSA 2011-38 XSS via plugins and shadowed window.location object MFSA 2011-39 Defense against multiple Location headers due to CRLF...
SqlInjector : A MS SQL Server Blind Injector !
SqlInjector was originally called BlindSQLInjector. SqlInjector is an application to perform completely blind SQL injection that currently supports only MS SQL Server. It uses time-based inference to determine true or false conditions to extract data. The key feature is that it uses a binary...