103 matches found
'HoeflerText' Popups Target Browsers With RAT and Locky Ransomware
A malware campaign utilizing bogus popups that alert users to a missing web-font is targeting Google Chrome and Firefox browser users. The popups contain a malicious JavaScript file that initiates the download of either the NetSupport Manager remote access tool RAT or Locky ransomware. The...
Locky ransomware adds anti sandbox feature (updated)
By Marcelo Rivero and Jérôme Segura The Locky ransomware has been very active since its return which we documented in a previous blog post. There are several different Locky campaigns going on at the same time, the largest being the one from affiliate ID 3 which comes with malicious ZIP containin...
Booby 1.0.1 - Multiple Remote File Inclusion Vulnerabilities
No description provided by source. software name: Booby version: 1.0.1 description: A Webbased Personal Information Manager PIM with support for bookmarks, calendar, contacts, notes, news and tasks. download:...
Ensnare Web Application Attack Detection Utility Released
BOSTON – Two engineers from Netflix this week released to open source a security tool that detects attacks against web applications—and also reacts to those attacks with responses they hope will flummox a hacker to the point that he moves on to his next target. The utility is called Ensnare and i...
New Adobe Reader Flaw Exposed
A security researcher has uncovered yet another vulnerability in Adobe Reader that allows hackers to execute malicious code on computers by tricking their users into opening booby-trapped files. Read the full article. The Register...
U.S. Defense Contractors Hit by Malware PDFs
Booby-trapped PDF files, posing as messages from the US Department of Defense, were emailed to US defence contractors last week. The document refers to a real conference due to be held in Las Vegas in March. Read the full article. The Register...
Apple plugs 10 QuickTime code execution holes
Apple today released QuickTime 7.6.2 with fixes for a variety of security vulnerabilities, some of which could lead to arbitrary code execution attacks. The update, available for Mac OS X, Windows XP and Windows Vista, covers a total of 10 documented vulnerabilities that could be exploited via...
Directory traversal
Multiple PHP remote file inclusion vulnerabilities in Brim formerly Booby 1.0.1 allow remote attackers to execute arbitrary PHP code via a URL in the renderer parameter to template.tpl.php in 1 barrel/, 2 barry/, 3 mylook/, 4 oerdec/, 5 penguin/, 6 sidebar/, 7 slashdot/, and 8 text-only/ in...
Immunity Canvas: BOOBY_INCLUDE
Name| boobyinclude ---|--- CVE| CVE-2008-2645 Exploit Pack| CANVAS Description| Booby Remote File Include Notes| CVSS: 7.5 Repeatability: Infinite VENDOR: Booby CVE Url: https://vulners.com/cve/CVE-2008-2645 CVE Name: CVE-2008-2645...
CVE-2008-2645
CVE-2008-2645 affects Brim (formerly Booby) 1.0.1. It describes multiple PHP remote file inclusion vulnerabilities: an attacker can trigger arbitrary PHP code execution by supplying a URL to the renderer parameter for template.tpl.php in eight template paths (barrel/, barry/, mylook/, oerdec/, pe...
Booby 1.0.1 Multiple Remote File Inclusion Vulnerabilities
No description provided by source. software name: Booby version: 1.0.1 description: A Webbased Personal Information Manager PIM with support for bookmarks, calendar, contacts, notes, news and tasks. download:...
Booby 1.0.1 Multiple Remote File Inclusion Vulnerabilities
Exploit for unknown platform in category web applications ========================================================== Booby 1.0.1 Multiple Remote File Inclusion Vulnerabilities ========================================================== software name: Booby version: 1.0.1 description: A Webbased...
booby-rfi.txt
software name: Booby version: 1.0.1 description: A Webbased Personal Information Manager PIM with support for bookmarks, calendar, contacts, notes, news and tasks. download: http://sourceforge.net/project/showfiles.php?groupid=87672&packageid=91447&releaseid=326826 bug: Multiple Remote...
Booby 1.0.1 - Multiple Remote File Inclusions
Booby 1.0.1 - Multiple Remote File Inclusions software name: Booby version: 1.0.1 description: A Webbased Personal Information Manager PIM with support for bookmarks, calendar, contacts, notes, news and tasks. download:...
Booby 1.0.1 - Multiple Remote File Inclusions
software name: Booby version: 1.0.1 description: A Webbased Personal Information Manager PIM with support for bookmarks, calendar, contacts, notes, news and tasks. download: http://sourceforge.net/project/showfiles.php?groupid=87672&packageid=91447&releaseid=326826 bug: Multiple Remote...
CVE-2005-1631
Booby 1.0.0 (and earlier) is affected by an information-disclosure vulnerability: remote attackers can view private bookmarks by guessing item IDs. The root cause is external access to bookmark items through guessable identifiers, as described in CVE-2005-1631. The connected records repeat the sa...
CVE-2005-1631
booby.php in Booby 1.0.0 and earlier allows remote attackers to view private bookmarks by guessing item IDs...
CVE-2005-1631
booby.php in Booby 1.0.0 and earlier allows remote attackers to view private bookmarks by guessing item IDs...
[SA15305] Booby Disclosure of Private Bookmarks
---------------------------------------------------------------------- Want a new IT Security job? Vacant positions at Secunia: http://secunia.com/secuniavacancies/ ---------------------------------------------------------------------- TITLE: Booby Disclosure of Private Bookmarks SECUNIA ADVISORY...
CVE-2003-1194
The vulnerability CVE-2003-1194 affects Booby up to version 0.2.3 (inclusive) and is a cross-site scripting flaw that allows an attacker to inject arbitrary web script or HTML via the error message. Affected software is Booby .1 through 0.2.3; the root cause is an XSS in error-output handling, en...