UltraVNC VNCLog Buffer Overflow - Ver2 (CVE-2006-1652)

UltraVNC is an open source client/server remote control application which uses the Virtual Network Computing VNC protocol. The VNC protocol allows a user to control a remote host by sending mouse and keyboard events, and receiving screen and sound updates. UltraVNC offers several extra features a...

MGASA-2014-0505 Updated libreoffice packages fix security vulnerability

"Document as E-mail" vulnerability bnc900218. It was discovered that LibreOffice incorrectly handled the Impress remote control port. An attacker could possibly use this issue to cause Impress to crash, resulting in a denial of service, or possibly execute arbitrary code CVE-2014-3693...

SuSE 11.3 Security Update : LibreOffice (SAT Patch Number 10001)

LibreOffice was updated to fix two security issues. These security issues have been fixed : - 'Document as E-mail' vulnerability. bnc900218 - Impress remote control use-after-free vulnerability. CVE-2014-3693 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package...

LibreOffice use-after-free vulnereability

Ingress remote control protocol use-after-free, memory corruption in OLE preview...

Attackers Using Compromised Web Plug-Ins in CryptoPHP Blackhat SEO Campaign

Researchers have discovered a group of attackers who have published a variety of compromised WordPress themes and plug-ins on legitimate-looking sites, tricking developers into downloading and installing them on their own sites. The components then give the attackers remote control of the...

openSUSE Security Update : libreoffice (openSUSE-SU-2014:1443-1)

libreoffice was updated to version 4.3.3 to fix two security issues : These security issues were fixed : - 'Document as E-mail' vulnerability bnc900218. - Impress remote control use-after-free vulnerability CVE-2014-3693. Various other fixes are included in the update. %NASLMINLEVEL 70300 C Tenab...

openSUSE Security Update : libreoffice (openSUSE-SU-2014:1412-1)

libreoffice was updated to fix two security issues. These security issues were fixed : - 'Document as E-mail' vulnerability bnc900218. - Impress Remote Control Use-after-Free Vulnerability CVE-2014-3693. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks ...

LibreOffice Impress Remote Control Use After Free (CVE-2014-3693)

A use after free vulnerability exists in LibreOffice Impress. The vulnerability is due to an error in the code managing remote control port. A remote unauthenticated attacker can exploit this vulnerability by sending crafted data to the affected port. Successful exploitation will result in...

Ubuntu: Security Advisory (USN-2398-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 14.04 LTS : LibreOffice vulnerability (USN-2398-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-2398-1 advisory. It was discovered that LibreOffice incorrectly handled the Impress remote control port. An attacker could possibly use this issue to cause Impress to crash,...

USN-2398-1 libreoffice vulnerability

It was discovered that LibreOffice incorrectly handled the Impress remote control port. An attacker could possibly use this issue to cause Impress to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-2398-1: LibreOffice vulnerability

It was discovered that LibreOffice incorrectly handled the Impress remote control port. An attacker could possibly use this issue to cause Impress to crash, resulting in a denial of service, or possibly execute arbitrary code...

Design/Logic Flaw

The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service screen locking with an arbitrary code by triggering unexpected Find My Mobile network traffic...

CVE-2014-8346

The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service screen locking with an arbitrary code by triggering unexpected Find My Mobile network traffic...

The threat is far better than“bleeding heart”for? Abroad new explosion Bash security vulnerability-vulnerability warning-the black bar safety net

These days Linux users can happily play the Red Hat security team yesterday broke a dangerous Bash Shell vulnerability. Its threat may be higher than the earlier disclosure of the“heartbleed”vulnerability is more and more strong! ! A network security company, Engineering Manager Tod Beardsley als...

Apple TV Image Remote Control

This module will show an image on an AppleTV device for a period of time. Some AppleTV devices are actually password-protected, in that case please set the PASSWORD datastore option. For password brute forcing, please see the module auxiliary/scanner/http/appletvlogin. This module requires...

Cobham Sailor satellite terminals contain hardcoded credentials

Overview Cobham Sailor 900 and 6000 series satellite terminals contain hardcoded credentials. Description CWE-798: Use of Hard-coded Credentials IOActive reports that Cobham Sailor 900 and 6000 series satellite communication terminals running firmware version: 1.08 MFHF / 2.11 VHF contain hardcod...

Mobile Carrier Controls Exploitable on a Massive Scale

LAS VEGAS – Device manufacturers and service providers quietly maintain a pervasive level of remote control over the devices they sell to consumers so they can push over-the-air OTA updates for a variety of reasons, but problematically one popular product that enables this type of control is poor...

Android new attack: Google Voice Search attack-vulnerability warning-the black bar safety net

Chinese University of Hong Kong researchers in the Preprint posted on the website of paper PDF, describes a novel permission to bypass attack method: Google Voice Search attack. An attacker can leverage a zero-permissions Android app VoicEmployer, front activationoperating system built-in voice...

CVE-2014-0860

The firmware before 3.66E in IBM BladeCenter Advanced Management Module AMM, the firmware before 1.43 in IBM Integrated Management Module IMM, and the firmware before 4.15 in IBM Integrated Management Module II IMM2 contains cleartext IPMI credentials, which allows attackers to execute arbitrary...