Symantec Mail Security KeyView PRZ Processing Buffer Overflow
The file attachment filter component included with the instance of Symantec Mail Security installed on the remote Windows host is reportedly affected by a buffer overflow vulnerability that can be triggered when handling attachments of various types. By sending an email with a specially crafted...
OpenJDK: unprivileged proxy settings change via SOAPConnection (SAAJ, 7013971)
Unspecified vulnerability in the Java Runtime Environment JRE component in Oracle Java SE 6 Update 26 and earlier allows remote untrusted Java Web Start applications and untrusted Java applets to affect confidentiality via unknown vectors related to SAAJ...
Microsoft PowerPoint Invalid 'PersistDirectoryEntry' Record Remote Code Execution Vulnerability
Description Microsoft PowerPoint is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing a victim to open a malicious PowerPoint file. An attacker can exploit this issue to execute arbitrary code with the privileges of the user running the application...
Threat Outbreak Alert: Fake Delivery Express Parcel Notification Email Messages on August 25, 2015
Medium Alert ID: 22891 First Published: 2011 April 8 14:39 GMT Last Updated: 2015 August 27 13:02 GMT Version: 13 Summary Cisco Security has detected significant activity related to spam email messages that inform the recipient about a parcel delivery from Delivery Express. The text in the email...
Expert: Three Quarters of Employees Duped by Phishing Scams
In the wake of the data breach at e-mail marketing firm Epsilon, the specter looms of widespread phishing attacks on hundreds of millions of e-mail users whose information was stolen from the firm. But according to Aaron Higbee, the Chief Technology Officer at Intrepidus Group, organizations had...
SMF 2.0 RC5 Shell Upload
Title : SMF 2.0 RC5 Remote Shell Upload Exploit Author : KedAns-Dz E-mail : [email protected] Home : HMD/AM 30008/04300 - Algeria -00213555248701 Twitter page : twitter.com/kedans platform : php Impact : Remote Shell Upload Tested on : Windows XP sp3 FR » In The name of Allah Go0Gle D0rk : "Power...
RSA Warns Customers Of Targeted Attacks In Wake of Hack
RSA, the security division of EMC Corp. has warned customers to be on the lookout for targeted attacks, including suspicious messages and links sent over social media networks in the wake of a sophisticated attack that spilled confidential information about the workings of the company’s SecurID...
Ongoing Phishing Attack
US-CERT is aware of public reports of an ongoing phishing attack. At this time, this attack appears to be targeting PayPal, Bank of America, Lloyds, and TSB users. The attack arrives via an unsolicited email message containing an HTML attachment. This attack is unlike common phishing attacks...
XSS vulnerability in the action links of Confluence's attachments lists.
We have identified and fixed a cross-site scripting XSS vulnerability in the action links of Confluence's attachments lists. All versions from 2.7 to 3.4.7 are affected. XSS vulnerabilities potentially allow an attacker to embed their own JavaScript into a Confluence page. You can read more about...
Hackers Steal $ 150,000 Malware Job Search !
Small businesses are worried about a new scam: criminals in search of work who want to break into online bank accounts. The U.S. Federal Bureau of Investigation issued a warning Wednesday on a new version of a fraud technique called long-term computer automated information exchange fraud. With AC...
Code injection
Unspecified vulnerability in the Agile Core component in Oracle Supply Chain Products Suite 9.3.0.2 and 9.3.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Folders, Files & Attachments, a different vulnerability than CVE-2010-4429...
Metasploit 3.5.1 adds Cisco device exploitation !
Metasploit now enables security professionals to exploit Cisco devices, performs passive reconnaissance through traffic analysis, provides more exploits and evaluates an organization's password security by brute forcing an ever increasing range of services. This latest release adds stealth...
CVE-2010-4546
IBM Lotus Notes Traveler before 8.5.1.2 does not reject an attachment download request for an e-mail message with a Prevent Copy attribute, which allows remote authenticated users to bypass intended access restrictions via this request...
Microsoft Publisher (CVE-2010-3954) Memory Corruption Remote Code Execution Vulnerability
Description Microsoft Publisher is prone to a remote code-execution vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening a specially crafted Publisher file. Successfully exploiting this issue allows attackers to execute arbitrary code in the context of t...
Microsoft Office TIFF Image Converter (CVE-2010-3947) Heap Based Buffer Overflow Vulnerability
Description Microsoft Office is prone to a remote heap-based buffer-overflow vulnerability because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user into opening an Office document containing a special...
Microsoft Office FlashPix Image Converter (CVE-2010-3952) Multiple Buffer Overflow Vulnerabilities
Description Microsoft Office is prone to multiple remote buffer-overflow vulnerabilities because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit these issues by enticing an unsuspecting user into opening an Office document containing a special...
Microsoft Office PICT Image Converter (CVE-2010-3946) Integer Overflow Vulnerability
Description Microsoft Office is prone to a remote integer-overflow vulnerability because the software fails to perform adequate boundary-checks on user-supplied data. An attacker can exploit this issue by enticing an unsuspecting user into opening an Office document that contains a specially...
Microsoft Office TIFF Image Converter (CVE-2010-3950) Memory Corruption Vulnerability
Description Microsoft Office is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue by enticing an unsuspecting user into opening an Office document containing a specially crafted Tagged Image File Format TIFF image. Successfully exploiting this issue allows...