Unity Web Player Zero-Day Vulnerability Disclosed

Some detail has been disclosed about a zero-day vulnerability in the Unity Web Player browser plugin that can allow an attacker to use a victim’s credentials to read messages or otherwise abuse their access to online services. The partial disclosure was made after nearly six months of bug-report...

RHEL 5 / 6 : flash-plugin (RHSA-2015:1005)

The remote Redhat Enterprise Linux 5 / 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2015:1005 advisory. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple...

CVE-2015-2061

Heap-based buffer overflow in the browser plugin for PTC Creo View allows remote attackers to execute arbitrary code via vectors involving setting a large buffer to an unspecified attribute...

CVE-2015-2061

Heap-based buffer overflow in the browser plugin for PTC Creo View allows remote attackers to execute arbitrary code via vectors involving setting a large buffer to an unspecified attribute...

CVE-2015-2061

Summary of factual details for CVE-2015-2061 : The vulnerability affects the browser plugin of PTC Creo View . The root cause is a heap-based buffer overflow triggered by setting a large buffer to an attribute within the plugin, leading to the possibility of remote code execution. Exploitation de...

Adobe Shockwave Player <= 12.0.6.147 Memory Corruptions (APSB13-29) (Mac OS X)

The remote Mac OS X host contains a version of Adobe Shockwave Player that is prior to or equal to 12.0.6.147. It is, therefore, affected by two memory corruption vulnerabilities. A remote attacker can exploit these issues by tricking a user into viewing a malicious Shockwave file, resulting in...

Flash Player For Mac <= 15.0.0.223 Dereferenced Memory Pointer RCE (APSB14-26)

According to its version, the installation of Adobe Flash Player installed on the remote Mac OS X host is equal or prior to 15.0.0.223. It is, therefore, affected by a remote code execution vulnerability due to the processing of a dereferenced memory pointer. C Tenable Network Security, Inc...

RHEL 5 / 6 : flash-plugin (RHSA-2014:1852)

The remote Redhat Enterprise Linux 5 / 6 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2014:1852 advisory. The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple...

Okta Browser Plugin Detection

Binary data oktabrowserplugininstalled.nbin...

JAVA Web Start Arbitrary command-line injection

No description provided by source. Bye bye my little 0day :, Tavis Ormandy did a great job uncovering a big logic flaw within Java JRE. I discovered that bug and other that affects every browser few weeks ago and I posted the common 0day++ tweet. The method in which Java Web Start support has bee...

Novell iPrint Client Browser Plugin - ExecuteRequest debug Stack Overflow

No description provided by source. !-- | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ http://www.exploit-db.com/moaub-14-novell-iprint-client-browser-plugin-executerequest-debug-parameter-stack-overflow/ Title : Novell iPrint...

Winds3D Viewer 3 'GetURL()' Arbitrary File Download Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/35595/info Winds3D Viewer is prone to a vulnerability that can allow malicious files to be downloaded an executed within the context of the affected browser that uses the plugin. Successfully exploiting this issue will...

Novell iPrint Client Browser Plugin - call-back-url Stack Overflow

No description provided by source. ''' | / |/ \ /\ | | | | \ | \ / | | | | / \ | | | | | | | |/| | | | |/ /\ | | | | | | | | || / \ || | | | || ||// \/|/ Title : Novell iPrint Client Browser Plugin call-back-url stack overflow Version : iPrint Client plugin v5.42 XP SP3 Analysis :...

openSUSE Security Update : acroread (openSUSE-SU-2013:0363-1)

Update to 9.5.3 bnc797529 to fix: CVE-2012-1530, CVE-2013-0601, CVE-2013-0602, CVE-2013-0603, CVE-2013-0604, CVE-2013-0605, CVE-2013-0606, CVE-2013-0607, CVE-2013-0608, CVE-2013-0609, CVE-2013-0610, CVE-2013-0611, CVE-2013-0612, CVE-2013-0613, CVE-2013-0614, CVE-2013-0615, CVE-2013-0616,...

openSUSE Security Update : acroread (openSUSE-SU-2013:0138-1)

Update to 9.5.3 bnc797529 to fix: CVE-2012-1530, CVE-2013-0601, CVE-2013-0602, CVE-2013-0603, CVE-2013-0604, CVE-2013-0605, CVE-2013-0606, CVE-2013-0607, CVE-2013-0608, CVE-2013-0609, CVE-2013-0610, CVE-2013-0611, CVE-2013-0612, CVE-2013-0613, CVE-2013-0614, CVE-2013-0615, CVE-2013-0616,...

Critical: Red Hat Security Advisory: java-1.7.0-openjdk security update

Updated java-1.7.0-openjdk packages that fix various security issues are now available for Red Hat Enterprise Linux 7. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity...

Flash Player <= 11.7.700.275 / 13.0.0.182 Pixel Bender Component Buffer Overflow (APSB14-13)

According to its version, the instance of Flash Player installed on the remote Windows host is equal or prior to 11.7.700.275 / 11.8.x / 11.9.x / 12.x / 13.0.0.182. It is, therefore, potentially affected by a buffer overflow vulnerability due to improper user input validation in the Pixel Bender...

RHEL 5 / 6 : flash-plugin (RHSA-2014:0380)

An updated Adobe Flash Player package that fixes multiple security issues is now available for Red Hat Enterprise Linux 5 and 6 Supplementary. The Red Hat Security Response Team has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which...

Path traversal

The HTML\Browser plugin in SabreDAV before 1.6.9, 1.7.x before 1.7.7, and 1.8.x before 1.8.5, as used in ownCloud, when running on Windows, does not properly check path separators in the base path, which allows remote attackers to read arbitrary files via a \ backslash character...

Flash Player <= 11.7.700.269 / 12.0.0.70 Multiple Vulnerabilities (APSB14-08)

According to its version, the instance of Flash Player installed on the remote Windows host is equal or prior to 11.7.700.269 / 11.8.x / 11.9.x / 12.0.0.70. It is, therefore, potentially affected multiple vulnerabilities : - A vulnerability exists that could be used to bypass the same origin...