[WebSploit Framework] Scan And Analysis Remote System From Vulnerability

WebSploit Is An Open Source Project For Scan And Analysis Remote System From Vulnerability. WebSploit Is An Open Source Project For : Social Engineering Works Scan,Crawler & Analysis Web Automatic Exploiter Support Network Attacks +Autopwn - Used From Metasploit For Scan and Exploit Target Servic...

[SET v5.4] The Social-Engineer Toolkit "Walkers"

TrustedSec is proud to announce the release of The Social-Engineer Toolkit SET v5.4 codename “Walkers”. This version has a significant amount of changes, performance upgrades, bug fixes, and efficiency. This blog post will cover some of the major highlights from Java 7 Update 45 and how to get...

[SpearPhisher] A Simple Phishing Email Generation Tool

SpearPhisher is a simple point and click Windows GUI tool designed for mostly non-technical people who would like to supplement the education and awareness aspect of their information security program. Not only is it useful to non-technical folks, penetration testers may find it handy for sending...

MGASA-2013-0248 Updated firefox and thunderbird packages fix security vulnerabilities

Mozilla developers identified and fixed several memory safety bugs in the browser engine used in Firefox and other Mozilla-based products. Some of these bugs showed evidence of memory corruption under certain circumstances, and we presume that with enough effort at least some of these could be...

CVE-2013-0150

Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products "when APM is provisioned," allows remote attackers to upload and execut...

Directory traversal

Directory traversal vulnerability in an unspecified signed Java applet in the client-side components in F5 BIG-IP APM 10.1.0 through 10.2.4 and 11.0.0 through 11.3.0, FirePass 6.0.0 through 6.1.0 and 7.0.0, and other products "when APM is provisioned," allows remote attackers to upload and execut...

SeaMonkey < 2.20 Multiple Vulnerabilities

The installed version of SeaMonkey is a version prior to 2.20. It is, therefore, potentially affected by the following vulnerabilities : - Various errors exist that could allow memory corruption conditions. CVE-2013-1701, CVE-2013-1702 - Use-after-free errors exist related to DOM modification whe...

Ubuntu 12.04 LTS / 12.10 / 13.04 : thunderbird vulnerabilities (USN-1925-1)

Jeff Gilbert and Henrik Skupin discovered multiple memory safety issues in Thunderbird. If the user were tricked in to opening a specially crafted message with scripting enabled, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute...

RedHat Update for firefox RHSA-2013:1140-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

IBM Notes Accepts JavaScript Tags Inside HTML Emails

The IBM Notes application installed on the remote Windows host accepts Java applet tags and JavaScript tags inside HTML emails, making it possible to load Java applets and scripts from a remote location. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid66637;...

Oracle Java Font Parsing maxPoints Heap Buffer Overflow

A heap memory corruption vulnerability exists in Oracle Java Runtime. The vulnerability is due to the font parsing code failing to check the "maxPoints" value used in controlling heap memory operation. A remote unauthenticated attacker can exploit this vulnerability by persuading users to load a...

RHEL 6 : java-1.7.0-openjdk (RHSA-2013:0751)

Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Mac OS X : Java for OS X 2013-003

The remote Mac OS X 10.7 or 10.8 host has a Java runtime that is missing the Java for OS X 2013-003 update, which updates the Java version to 1.6.045. It is, therefore, affected by multiple security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary...

Java CMM Remote Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' class Metasploit3 false def initialize inf...

Java CMM Remote Code Execution

This module abuses the Color Management classes from a Java Applet to run arbitrary Java code outside of the sandbox as exploited in the wild in February and March of 2013. The vulnerability affects Java version 7u15 and earlier and 6u41 and earlier and has been tested successfully on Windows XP...

Oracle Java Runtime CMM Code Execution (CVE-2013-1493)

A stack buffer overflow vulnerability has been reported in Oracle Java Runtime. The vulnerability is due to insufficient validation of the 'count' property of the 'curveType' object in the CMM module of the Oracle JVM. A remote attacker can exploit this vulnerability by enticing a target user to...

Mac OS X : Java for Mac OS X 10.6 Update 14

The remote Mac OS X host has a version of Java for Mac OS X 10.6 that is missing Update 14, which updates the Java version to 1.6.043. It is, therefore, affected by two security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code with the...

Java Applet JMX Remote Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' class Metasploit3 false def initialize inf...

Java Applet JMX Remote Code Execution

This module abuses the JMX classes from a Java Applet to run arbitrary Java code outside of the sandbox as exploited in the wild in February of 2013. Additionally, this module bypasses default security settings introduced in Java 7 Update 10 to run unsigned applet without displaying any warning t...

Mac OS X : Java for Mac OS X 10.6 Update 13

The remote Mac OS X host has a version of Java for Mac OS X 10.6 that is missing Update 13, which updates the Java version to 1.6.041. It is, therefore, affected by several security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code with the...