Samsung SW Update 2.2.7.22 Insecure ACLs

Blue Frost Security GmbH https://www.bluefrostsecurity.de/ researchatbluefrostsecurity.de BFS-SA-2016-002 25-April-2016 Vendor: Samsung, www.samsung.com Affected Products: SW Update Affected Version: cacls "c:\Programdata\Samsung\SW...

Riot Games League of Legends - Insecure File Permissions Privilege Escalation

Riot Games League of Legends - Insecure File Permissions Privilege Escalation ------------------------------------------------------------------------------------ Exploit Title: Riot Games League of Legends Insecure File Permissions Privilege Escalation Date: 03/06/16 Exploit Author: Cyril...

CURL-CVE-2016-4802 Windows DLL hijacking

libcurl would load Windows system DLLs in a manner that may make it vulnerable to a DLL hijacking aka binary planting attack in certain configurations. libcurl has a unified code base that builds and runs on a multitude of different versions of Windows. To make that possible, when libcurl is buil...

Windows DLL hijacking

libcurl would load Windows system DLLs in a manner that may make it vulnerable to a DLL hijacking aka binary planting attack in certain configurations. libcurl has a unified code base that builds and runs on a multitude of different versions of Windows. To make that possible, when libcurl is buil...

CVE-2016-1040

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors, a different vulnerabili...

HTTP. sys remote code execution vulnerability in the repair method-vulnerability warning-the black bar safety net

Vulnerability description If an attacker to the affected Windows System to send a specially crafted HTTP request, this vulnerability allows for remote code execution. After security personnel test, serious harm, Please as soon as possible repair. This security update fixes the vulnerability in...

The exception in the exception--by means of a system of exception handling exception achieve incredible exploit-vulnerability warning-the black bar safety net

Memory read, write, execute attribute is system security the most important one of the mechanisms. Usually, if you want to overwrite the data in memory, you must first ensure that the block of memory having a write attribute, if you want to execute a piece of code in memory, you must first ensure...

The exception in the exception: by means of a system of exception handling exception achieve incredible exploit-vulnerability warning-the black bar safety net

Memory read, write, execute attribute is system security the most important one of the mechanisms. Usually, if you want to overwrite the data in memory, you must first ensure that the block of memory having a write attribute, if you want to execute a piece of code in memory, you must first ensure...

mcart.xls Bitrix Module 6.5.2 - SQL Injection

Exploit for php platform in category web applications Product: mcart.xls Bitrix module Vendor: www.mcart.ru Vulnerable Versions: 6.5.2 and probably prior Tested Version: 6.5.2 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18, 2015 Public Disclosur...

mcart.xls Bitrix Module 6.5.2 - SQL Injection

mcart.xls Bitrix Module 6.5.2 - SQL Injection Advisory ID: HTB23279 Product: mcart.xls Bitrix module Vendor: www.mcart.ru Vulnerable Versions: 6.5.2 and probably prior Tested Version: 6.5.2 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18, 2015...

mcart.xls Bitrix Module 6.5.2 - SQL Injection

Advisory ID: HTB23279 Product: mcart.xls Bitrix module Vendor: www.mcart.ru Vulnerable Versions: 6.5.2 and probably prior Tested Version: 6.5.2 Advisory Publication: November 18, 2015 without technical details Vendor Notification: November 18, 2015 Public Disclosure: January 13, 2016 Vulnerabilit...

Multiple SQL Injection Vulnerabilities in mcart.xls Bitrix Module

High-Tech Bridge Security Research Lab discovered multiple SQL Injection vulnerabilities in mcart.xls Bitrix module, which can be exploited to execute arbitrary SQL queries and obtain potentially sensitive data, modify information in database and gain complete control over the vulnerable website...

SQL Injection in orion.extfeedbackform Bitrix Module

High-Tech Bridge Security Research Lab discovered two vulnerabilities in orion.extfeedbackform Bitrix module, can be exploited to execute arbitrary SQL queries and obtain potentially sensitive data, modify information in database and gain complete control over the vulnerable website. All discover...

Windows Local Privilege Escalation: PowerUp

PowerUp is a powershell tool to assist with local privilege escalation on Windows systems. It contains several methods to identify and abuse vulnerable services, as well as DLL hijacking opportunities, vulnerable registry settings, and escalation opportunities. The privesc/powerup/allchecks modul...

IT-Grundschutz M4.344: Überwachung von Windows-Systemen ab Windows Vista und Windows Server 2008

IT-Grundschutz M4.344: Überwachung von Windows-Systemen ab Windows Vista und Windows Server 2008 Stand: 15. Ergänzungslieferung 15. EL. OpenVAS Vulnerability Test $Id: GSHBM4344.nasl 7883 2017-11-23 11:22:59Z emoss $ IT-Grundschutz, 15. EL, Maßnahme 4.344 Authors: Thomas Rotter Copyright: Copyrig...

IT-Grundschutz M5.020: Einsatz der Sicherheitsmechanismen von rlogin, rsh und rcp

IT-Grundschutz M5.020: Einsatz der Sicherheitsmechanismen von rlogin, rsh und rcp. Stand: 14. Ergänzungslieferung 14. EL. OpenVAS Vulnerability Test $Id: GSHBM5020.nasl 7883 2017-11-23 11:22:59Z emoss $ IT-Grundschutz, 14. EL, Maßnahme 5.020 Authors: Thomas Rotter Copyright: Copyright c 2015...

IT-Grundschutz M4.004: Geeigneter Umgang mit Laufwerken für Wechselmedien und externen Datenspeichern

IT-Grundschutz M4.004: Geeigneter Umgang mit Laufwerken für Wechselmedien und externen Datenspeicher. Stand: 14. Ergänzungslieferung 14. EL. OpenVAS Vulnerability Test $Id: GSHBM4004.nasl 7883 2017-11-23 11:22:59Z emoss $ IT-Grundschutz, 14. EL, Maßnahme 4.004 Authors: Thomas Rotter Copyright:...

IT-Grundschutz M4.049: Absicherung des Boot-Vorgangs für ein Windows-System

IT-Grundschutz M4.049: Absicherung des Boot-Vorgangs für ein Windows-System. Stand: 15. Ergänzungslieferung 15. EL. OpenVAS Vulnerability Test $Id: GSHBM4049.nasl 7883 2017-11-23 11:22:59Z emoss $ IT-Grundschutz, 15. EL, Maßnahme 4.049 Authors: Thomas Rotter Copyright: Copyright c 2015 Greenbone...

IT-Grundschutz M4.080: Sichere Zugriffsmechanismen bei Fernadministration

IT-Grundschutz M4.080: Sichere Zugriffsmechanismen bei Fernadministration. Stand: 14. Ergänzungslieferung 14. EL. OpenVAS Vulnerability Test $Id: GSHBM4080.nasl 7883 2017-11-23 11:22:59Z emoss $ IT-Grundschutz, 14. EL, Maßnahme 4.080 Authors: Thomas Rotter Copyright: Copyright c 2015 Greenbone...

IT-Grundschutz M4.049: Absicherung des Boot-Vorgangs fr ein Windows-System

IT-Grundschutz M4.049: Absicherung des Boot-Vorgangs fr ein Windows-System. Stand: 15. Ergnzungslieferung 15. EL. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...