Native Instruments Kontakt 4 Player NKI File Syntactic Analysis Buffer Overflow PoC

No description provided by source. / Title: Native Instruments Kontakt 4 Player NKI File Syntactic Analysis Buffer Overflow PoC Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 4.1.3.4125 Standalone Summary: KONTAKT 4 PLAYER is the free sample...

Native Instruments Reaktor 5 Player 5.5.1 - Heap Memory Corruption Vulnerability

No description provided by source. Native Instruments Reaktor 5 Player v5.5.1 Heap Memory Corruption Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 5.5.1 R10584 or 5.5.1.10584 Tested on: Microsoft Windows XP Professional SP3...

Native Instruments Massive 1.1.4 KSD File Handling Use-After-Free Vulnerability

No description provided by source. !/usr/bin/perl Title: Native Instruments Massive 1.1.4 KSD File Handling Use-After-Free Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 1.1.4 R1901 Summary: MASSIVE is a sonic monster ? the...

Native Instruments Service Center 2.2.5 - Local Privilege Escalation Vulnerability

No description provided by source. Native Instruments Service Center 2.2.5 Local Privilege Escalation Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 2.2.5 R596 Summary: The NI Service Center is a service used for Product...

Native Instruments Traktor Pro 1.2.6 Stack-based Buffer Overflow Vulnerability

No description provided by source. !/usr/local/bin/perl Native Instruments Traktor Pro 1.2.6 Stack-based Buffer Overflow Vulnerability Vendor: Native Instruments GmbH Product web page: http://www.native-instruments.com Affected version: 1.2.6.8491 Standalone Summary: TRAKTOR PRO is the new...

Update Tomcat Native DLL in JIRA Installer

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Server. Using JIRA Cloud? See the corresponding suggestion|http://jira.atlassian.com/browse/JRACLOUD-38927. panel quote 7 new vulnerabilities were announced for OpenSSL on 5 June 2014. These vulnerabilities affect Tomcat Native, which ships...

Update Tomcat Native DLL in JIRA Installer

panel:bgColor=e7f4fa NOTE: This suggestion is for JIRA Cloud. Using JIRA Server? See the corresponding suggestion|http://jira.atlassian.com/browse/JRASERVER-38927. panel quote 7 new vulnerabilities were announced for OpenSSL on 5 June 2014. These vulnerabilities affect Tomcat Native, which ships...

Update Tomcat Native DLL in JIRA Installer

quote 7 new vulnerabilities were announced for OpenSSL on 5 June 2014. These vulnerabilities affect Tomcat Native, which ships with the Windows Installer versions of JIRA. So please update your JIRA Windows Installers to include a patched version of Tomcat Native DLL's, once these become availabl...

HackPorts - Mac OS X Penetration Testing Framework and Tools

HackPorts was developed as a penetration testing framework with accompanying tools and exploits that run natively on Mac platforms. HackPorts is a ‘super-project’ that leverages existing code porting efforts, security professionals can now use hundreds of penetration tools on Mac systems without...

Adobe Reader for Android < 11.2.0 - 'addJavascriptInterface' Local Overflow (Metasploit)

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/fileformat' require 'msf/core/exploit/pdf' require 'msf/core/exploit/android' class Metasploit3 'Adobe Reader for Android...

Adobe Reader for Android addJavascriptInterface Exploit

This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/fileformat' require 'msf/core/exploit/pdf' require 'msf/core/exploit/android' class Metasploit3 'Adobe Reader for Android...

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 tomcat7 security update

Updated tomcat7 packages that fix three security issues are now available for Red Hat JBoss Web Server 2.0.1 on Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, whic...

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 tomcat6 security update

Updated tomcat6 packages that fix multiple security issues are now available for Red Hat JBoss Web Server 2.0.1 on Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores,...

Moderate: Red Hat Security Advisory: Red Hat JBoss Web Server 2.0.1 tomcat6 security update

An update for the Apache Tomcat 6 component for Red Hat JBoss Web Server 2.0.1 that fixes multiple security issues is now available from the Red Hat Customer Portal. The Red Hat Security Response Team has rated this update as having Moderate security impact. Common Vulnerability Scoring System CV...

SOL15158 - OpenSSL vulnerability CVE-2013-6450

Vulnerability Recommended Actions If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not...

HawtJNI: predictable temporary file name leading to local arbitrary code execution

The HawtJNI Library class wrote native libraries to a predictable file name in /tmp when the native libraries were bundled in a JAR file, and no custom library path was specified. A local attacker could overwrite these native libraries with malicious versions during the window between when HawtJN...

SOL15147 - OpenSSL vulnerability CVE-2013-6449

Recommended Action If the previous table lists a version in the Versions known to be not vulnerable column, you can eliminate this vulnerability by upgrading to the listed version. If the listed version is older than the version you are currently running, or if the table does not list any version...

Firefox Exec Shellcode From Privileged Javascript Shell

This Metasploit module allows execution of native payloads from a privileged Firefox Javascript shell. It puts the specified payload into memory, adds the necessary protection flags, and calls it. Useful for upgrading a Firefox javascript shell to a Meterpreter session without touching the disk...

Mandriva Linux Security Advisory : varnish (MDVSA-2014:036)

Updated varnish packages fix security vulnerabilities : Varnish before 3.0.5 allows remote attackers to cause a denial of service child-process crash and temporary caching outage via a GET request with trailing whitespace characters and no URI CVE-2013-4484. Also, the services have been converted...

Firefox Exec Shellcode from Privileged Javascript Shell

This module allows execution of native payloads from a privileged Firefox Javascript shell. It places the specified payload into memory, adds the necessary protection flags, and calls it, which can be useful for upgrading a Firefox javascript shell to a Meterpreter session without touching the...