328 matches found
Downloads Resources over HTTP
Overview Affected versions of selenium-standalone-painful insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in...
Downloads Resources over HTTP
Overview Affected versions of scalajs-standalone-bin insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...
Downloads Resources over HTTP
Overview Affected versions of dalek-browser-chrome insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...
Downloads Resources over HTTP
Overview Affected versions of closurecompiler insecurely download an executable over an unencrypted HTTP connection. In scenarios where an attacker has a privileged network position, it is possible to intercept the response and replace the executable with a malicious one, resulting in code...
PDF Complete Office Edition 4.1.12 - Unquoted Service Path Privilege Escalation Exploit
Exploit Title : PDFcompletecorporateedition.rb - 'Unquoted Service Path Privilege Escalation' PDF Version : 4.1.12 vuln Discover : Joey Lane Module Author : pedr0 Ubuntu r00t-3xp10it Tested on : Windows 7 Professional Software Link : http://www.pdfcomplete.com/cms/Downloads.aspx "This was tested ...
Windows Atom Tables Can Be Abused for Code Injection Attacks
Researchers have identified a way attackers could use atom tables in all versions of Windows to inject malicious code into a computer and bypass detection by security products at the same time. The technique has been nicknamed AtomBombing by researchers at enSilo, and opens the door to perform...
Vembu StoreGrid 4.0 Privilege Escalation
Exploit Title: Vembu StoreGrid - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 4.0 Tested on: Windows Server 2012 StoreGrid is a re-brandable backup solution, which can install 2 services with unquoted service paths. This enables a local privilege...
Realtek High Definition Audio Driver 6.0.1.6730 Privilege Escalation Vulnerability
Exploit for windows platform in category local exploits Exploit Title: Realtek High Definition Audio Driver - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 6.0.1.6730 Tested on: Windows 7 Professional The Realtek High Definition Audio Driver instal...
Lenovo Slim USB Keyboard 1.09 - Unquoted Service Path Privilege Escalation
Lenovo Slim USB Keyboard 1.09 - Unquoted Service Path Privilege Escalation Exploit Title: Lenovo Slim USB Keyboard - Unquoted Service Path Privilege Escalation Date: 10/19/2016 Exploit Author: Joey Lane Version: 1.09 Tested on: Windows 7 Professional The Lenovo Slim USB Keyboard service is...
Zapya Desktop 1.803 - ZapyaService.exe Local Privilege Escalation
Zapya Desktop 1.803 - ZapyaService.exe Local Privilege Escalation Exploit Title: Zapya Desktop Version 'ZapyaService.exe' Privilege Escalation Date: 2016/9/12 Exploit Author: Arash Khazaei Vendor Homepage: http://www.izapya.com/ Software Link:...
Suspicious Webpage JavaScript Downloader
Certain malicious executable files can be hidden using js downloader file. A remote attacker could exploit this vulnerability to entice unsuspecting users to execute arbitrary files...
How RTF malware evades static signature-based detection
History Rich Text Format RTF is a document format developed by Microsoft that has been widely used on various platforms for more than 29 years. The RTF format is very flexible and therefore complicated. This makes the development of a safe RTF parsers challenging. Some notorious vulnerabilities...
Suspicious Executable Mail Attachment
Certain malicious executable files can be hidden using a different extension for the file. A remote attacker could exploit this vulnerability to entice unsuspecting users to execute a malicious mail attachment. This method is often used by ransomware such as Locky, Cerber, CryptoXXX, and others...
How Just Opening an MS Word Doc Can Hijack Every File On Your System
If you receive a mail masquerading as a company's invoice and containing a Microsoft Word file, think twice before clicking on it. Doing so could cripple your system and could lead to a catastrophic destruction. Hackers are believed to be carrying out social engineering hoaxes by adopting...
Malicious Mail Payload Containing JavaScript Downloader
Certain malicious executable files can be hidden using js downloader file. A remote attacker could exploit this vulnerability to entice unsuspecting users to execute arbitrary files...
eBay Fixes File Upload and Patch Disclosure Bugs
eBay has fixed a pair of security vulnerabilities in its site that could enable attackers to upload executable files disguised as benign file types, construct full path URLs and then point victims to them through drive-by download attacks. The first bug resulted from the failure of an eBay page t...
Huawei Mobile Partner DLL Hijacking
Title: Huawei Mobile Partner Multiple Vulnerabilities Version: 23.009.05.03.1014 Tested on: Windows XP SP2 en Vendor: http://www.huawei.com/ Software-Link: http://download-c.huawei.com/download/downloadCenter?downloadId=18474&version=16815&siteCode=worldwide E-Mail: osandaatunseen.is Author: Osan...
Apple Patches Shellshock Vulnerability in Bash
Apple tonight released its patch for the Bash vulnerability, updating OS X Lion, Mountain Lion and Mavericks. Late Friday, Apple reassured Mac OS X users that most were protected by default, but nonetheless that it was working on a patch. The vulnerability in Bash, which stands for Bourne Again...
Symantec Norton AntiVirus 2002 Nested File Manual Scan Bypass Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/10164/info A vulnerability has been reported in Symantec Norton AntiVirus 2002 that may potentially cause deeply nested files with specific names to bypass manual scanning. This could permit malicious executable content t...
HP Instant Support 1.0.22 - 'HPISDataManager.dll' 'StartApp' ActiveX Control Insecure Method Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/29533/info HP Instant Support 'HPISDataManager.dll' ActiveX control is prone to an insecure-method vulnerability. Successfully exploiting this issue allows remote attackers to launch arbitrary applications with the...