611 matches found
Apple iOS < 6.1.3 Multiple Vulnerabilities
Binary data 6718.prm...
CVE-2013-0206
Unrestricted file upload vulnerability in the Live CSS module 6.x-2.x before 6.x-2.1 and 7.x-2.x before 7.x-2.7 for Drupal allows remote authenticated users with the "administer CSS" permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a...
Insecure Windows Service Permissions
At least one Windows service executable with insecure permissions was detected on the remote host. Services configured to use an executable with weak permissions are vulnerable to privilege escalation attacks. An unprivileged user could modify or overwrite the executable with arbitrary code, whic...
JVN#91387819: mora Downloader may insecurely load executable files
mora Downloader contains an issue in the file search path when loading files, which may insecurely load executables or other files. Impact: An attacker may execute arbitrary code with the privilege of the running application. Solution: Update the software. Update to the latest version according to t...
Smartfren Connex weak permissions
Weak permissions for executable files lead to privilege escalation...
Design/Logic Flaw
The Antivirus component in Comodo Internet Security before 5.3.174622.1216 does not check whether X.509 certificates in signed executable files have been revoked, which has unknown impact and remote attack vectors...
CVE-2010-5185
CVE-2010-5185 affects Comodo Internet Security prior to 5.3.174622.1216. The Antivirus component does not verify revocation status of X.509 certificates in signed executables, with an effect described as unknown and remote attack vectors. No explicit exploit details or affected vendor/version bey...
Spear Phishing Emails, Malware, Targeting BlackBerry Users
Blackberry owners are being targeted by a new type of malware that’s beginning to spread via spear phishing emails, according to security firm Websense. According to a post on the company’s blog, Security Labs, those users who are targeted receive an email with the subject line “Your BlackBerry I...
JVN#85695061: ALFTP may insecurely load executable files
ALFTP provided by ESTsoft Corp. is FTP client software with a built-in FTP server. ALFTP contains an issue when loading files. For example, if a user tries to open README (a file without an extension) that exists in the same directory as README.exe (a file with the .exe extension), README.ex...
CVE-2011-3666
Based on the Connected documents, CVE-2011-3666 is tied to Mozilla Firefox and Thunderbird on Mac OS X where a fix for CVE-2011-2372 was incorrectly applied, allowing a user-assisted bypass related to executable handling of .jar-like files via crafted web content. The Nessus/OpenSSH-related advis...
FFFTP may insecurely load executable files
Overview: FFFTP may use unsafe methods for determining how to load executables (.exe). FFFTP contains an issue when loading files, which may insecurely load executables or other files. This vulnerability is different from JVN62336482. Fumihiko Sano reported this vulnerability to IPA. JPCERT/CC...
JVN#94002296: FFFTP may insecurely load executable files
FFFTP contains an issue when loading files, which may insecurely load executables or other files. This vulnerability is different from JVN62336482. Impact: An attacker may execute arbitrary code with the privilege of the running application. Solution: Update the software. Update to the latest versio...
Trojanizing ELFs
Trojanizing ELFs. Task: add to an ELF file the ability to run arbitrary commands when a password is supplied. The size and functionality of the original ELF file remain unchanged. Part 1. Trojanizing /bin/su from BackTrack 5 R1 x86, VMware image BT5R1-GNOME-VM-32.7z. 1. ELF and its anatomy in the context of the used...
CVE-2011-3502
The web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to obtain the source code of executable files via a request with a trailing (1) space or (2) %2e (encoded dot)...
Design/Logic Flaw
The web server in Cogent DataHub 7.1.1.63 and earlier allows remote attackers to obtain the source code of executable files via a request with a trailing (1) space or (2) %2e (encoded dot)...
Amoy Royal Taobao guest security vulnerabilities and fixes-vulnerability warning-the black bar safety net
Official website: http://www.taodisoft.com 1. The demo site's back end turned out to have a place to upload pictures and does not prohibit the upload. 2. The image upload filtering is simple and easy to break; a PHP file can be uploaded and executed. 3. The server/VPS configuration is seriously weak; get a webshe...
Dig Emperor Management Platform security vulnerabilities-vulnerability warning-the black bar safety net
Official website: 1. The demo site's back end turned out to have a place to upload pictures and does not prohibit the upload. 2. The image upload filtering is simple and easy to break; a PHP file can be uploaded and executed. 3. The server/VPS configuration is seriously weak; get a webshell directly after is a...
PHP Nuke 8.3 MT Shell Upload
Iranian Pentesters Home Title : PHP Nuke 8.3 MT Arbitrary File Upload Vulnerability Author : Pentesters.ir Exploits Coded by : b3hz4d & 4n0nym0us Tested on: PHP Nuke 8.3 Vendor : http://phpnuke.ir Specially Thanks To: Navid, Hossein, Ahmad, vahid, daryoush and all of the pentesters.ir members...
Threat Outbreak Alert: Fake DHL Package Delivery Notification Email Messages on March 20, 2015
Medium Alert ID: 23104 First Published: 2011 May 9 12:53 GMT Last Updated: 2015 March 20 12:50 GMT Version: 13 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a DHL package delivery notification. The text in the email message instructs...
EMC Data Protection Advisor Collector weak security permissions
Weak permissions for executable files...