SA-CONTRIB-2012-001 - Registration Codes - Access bypass

CVE: CVE-2012-1623 The Registration Codes module enables site administrators to restrict registration for new accounts to only users who provide a valid registration code. The default module installation provides no access check for the registration code list, leading to a vulnerability that allo...

Gwibber v2.29.1 & v3.x - Persistent Software Vulnerability

Exploit for php platform in category web applications Title: ====== Gwibber v2.29.1 & v3.x - Persistent Software Vulnerability Date: ===== 2011-12-22 Introduction: ============= Gwibber is a microblogging client for the GNOME desktop environment. It was created by Ryan Paul, a writer for Ars...

Researcher: Malware, Increasingly Interdependent, Stifles Security Wares

BARCELONA — A researcher says that malicious software such as botnets and browser exploit kits are becoming more and more interdependent, complicating the job of those who seek to detect and remove the malware. Aditya Sood, a doctoral student in the Department of Computer Science and Engineering ...

QR codes - Next way for Android Malware

Once a user scans the QR code, the code redirects them to a site that will install a Trojan on their Android smart phones. Kaspersky's SecureList blog has a report of a malicious QR code on a web site which when scanned directs the user to a URL; the linked site doesn't have a file matching the...

QR Codes Found Sending Users to Site Containing Android Trojan

QR codes have been showing up everywhere in the last few months, from magazine ads to the sides of buses to, oddly, billboards. And now they’ve shown up on the list of ways that attackers are delivering malware to victims, with the emergence of a new Android-based Trojan that is hiding on malicio...

QR Tags Can Hide Malicious Links, Experts Warn

QR tags have become the next big thing in interactive marketing. But as smart phone users flock to the trendy, postage-stamp sized bar codes, researchers are warning that they could be used to hijack mobile phones by directing them to malicious Web pages. In a post on the mobile security blog...

Subsembly Banking 3.1.x - Persistent Filter Vulnerability

Document Title: =============== Subsembly Banking 3.1.x - Persistent Filter Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=74 Release Date: ============= 2011-09-11 Vulnerability Laboratory ID VL-ID: ==================================== 74...

StarMoney Banking Software - Multiple Vulnerabilities [HD]

Document Title: =============== StarMoney Banking Software - Multiple Vulnerabilities HD References: =========== Download: http://www.vulnerability-lab.com/resources/videos/258.wmv View: http://www.youtube.com/watch?v=Bymh3ct1v4g Release Date: ============= 2011-08-31 Vulnerability Laboratory ID...

StarMoney Banking Software - Multiple Vulnerabilities [HD]

Document Title: =============== StarMoney Banking Software - Multiple Vulnerabilities HD References: =========== Download: http://www.vulnerability-lab.com/resources/videos/258.wmv View: http://www.youtube.com/watch?v=Bymh3ct1v4g Release Date: ============= 2011-08-30 Vulnerability Laboratory ID...

McAfee Web Gateway 6.8.6.x - Multiple Web Vulnerbilities

Document Title: =============== McAfee Web Gateway 6.8.6.x - Multiple Web Vulnerbilities References Source: ==================== MFE-WGW-20100429-01 Release Date: ============= 2011-08-10 Vulnerability Laboratory ID VL-ID: ==================================== 73 Product & Service Introduction:...

JD-GUI - Fast Java Decompiler Download

JD-GUI - Fast Java Decompiler Download JD-GUI is a standalone graphical utility that displays Java source codes of ".class" files. You can browse the reconstructed source code with the JD-GUI for instant access to methods and fields. JD-GUI is free for non-commercial use. This means that JD-GUI...

HijackThis Log Analyse - Multiple Web Vulnerabilities

Document Title: =============== HijackThis Log Analyse - Multiple Web Vulnerabilities Release Date: ============= 2011-07-22 Vulnerability Laboratory ID VL-ID: ==================================== 107 Product & Service Introduction: =============================== HijackThis opens you a possibili...

Wordpress Audio Player v2.0b6 - Web Vulnerability

Document Title: =============== Wordpress Audio Player v2.0b6 - Web Vulnerability Release Date: ============= 2011-07-21 Vulnerability Laboratory ID VL-ID: ==================================== 84 Product & Service Introduction: =============================== Wordpress Audio Player Plugin/Addon...

XING Network Website - Multiple Web Vulnerabilities

Document Title: =============== XING Network Website - Multiple Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=87 Release Date: ============= 2011-07-21 Vulnerability Laboratory ID VL-ID: ==================================== 87 Produ...

RHEL 5 : ruby (RHSA-2011:0909)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0909 advisory. - ruby WEBrick log escape sequence CVE-2009-4492 - Ruby WEBrick javascript injection flaw CVE-2010-0541 - ruby: memory corruption in...

RHEL 6 : ruby (RHSA-2011:0910)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2011:0910 advisory. - ruby: memory corruption in BigDecimal on 64bit platforms CVE-2011-0188 - Ruby: Symlink race condition by removing directory trees in...

ruby security update

1.8.7.299-7.1 - Address CVE-2011-1004 'Symlink race condition by removing directory trees in fileutils module' ruby-1.8.7-CVE-2011-1004.patch - Address CVE-2011-1005 'Untrusted codes able to modify arbitrary strings' ruby-1.8.7-CVE-2011-1005.patch - Address CVE-2011-0188 'memory corruption in...

Citigroup Admits Info on 200K Customers Stolen in Network Compromise

Citigroup is warning its credit card users that attackers have stolen account information belonging to 200,000 customers. The breach apparently was discovered last month. The attackers who compromised Citigroup’s network were able to get customer names, account numbers and other data, including...

ACER Hacked : 40,000 Users Data, Source Codes & Server Compromised

ACER Hacked : 40,000 Users Data, Source Codes & Server Compromised Update : THN Report : ACER hacked because of their own stupidity This Week is Really with great UP-DOWNS in Cyber World. Mega hacks like Sony Pictures hacked, Chinese Hacker Cracks 100's of Gmail accounts , Public Broadcasting...

Sony Pictures hacked and Database Leaked by LulzSec

Sony Pictures hacked and Database Leaked by LulzSec YES ! Sony Hacked Again once more by Lulzsec. The Target is SonyPictures.com and It compromised over 1,000,000 users'personal information, including passwords, email addresses, home addresses,dates of birth, and all Sony opt-in data associated...