APPLE-SA-2015-01-27-2 iOS 8.1.3
APPLE-SA-2015-01-27-2 iOS 8.1.3 iOS 8.1.3 is now available and addresses the following: AppleFileConduit Available for: iPhone 4s and later, iPod touch 5th generation and later, iPad 2 and later Impact: A maliciously crafted afc command may allow acce...
Debian: Security Advisory (DSA-3152-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
APPLE-SA-2015-01-27-1 Apple TV 7.0.3
APPLE-SA-2015-01-27-1 Apple TV 7.0.3 Apple TV 7.0.3 is now available and addresses the following: Apple TV Available for: Apple TV 3rd generation and later Impact: A maliciously crafted afc command may allow access to protected parts of the filesystem...
Malware Poses as Flash Update Infects 110,000 Facebook Users within 2 Days
Facebook users just Beware!! Don’t click any porn links on Facebook. Foremost reason is that you have thousands of good porn sites out there, but there's an extra good reason right now. Rogue pornography links on the world’s most popular social network have reportedly infected over 110,000 Facebo...
CVE-2015-1371
Unrestricted file upload vulnerability in ferretCMS 1.0.4-alpha allows remote administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in custom/uploads/...
Unrestricted file upload
Unrestricted file upload vulnerability in ferretCMS 1.0.4-alpha allows remote administrators to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in custom/uploads/...
Windows Run Command As User
This module will login with the specified username/password and execute the supplied command as a hidden process. Output is not returned by default. Unless targeting a local user either set the DOMAIN, or specify a UPN user format e.g. user@domain. This uses the CreateProcessWithLogonW WinAPI...
Unrestricted file upload
Unrestricted file upload vulnerability in EMC M&R aka Watch4Net before 6.5u1 and ViPR SRM before 3.6.1 allows remote authenticated users to execute arbitrary code by uploading and then accessing an executable file...
ArticleFR CMS 3.0.5 - Arbitrary File Upload
ArticleFR CMS 3.0.5 - Arbitrary File Upload Exploit Title: Arbitrary File Upload in articleFR CMS 3.0.5 Google Dork: N/A Date: 01/21/2015 Exploit Author: Tran Dinh Tien [email protected] & ITAS Team www.itas.vn Vendor Homepage: http://freereprintables.com Software Link:...
Oracle Solaris Third-Party Patch Update : php (cve_2013_4248_input_validation)
The remote Solaris system is missing necessary patches to address security updates : - The openssl_x509_parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of a...
CVE-2014-9308
Unrestricted file upload vulnerability in inc/amfphp/administration/banneruploaderscript.php in the WP EasyCart aka WordPress Shopping Cart plugin before 3.0.9 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension, then accessing it via a...
Directory traversal
Directory traversal vulnerability in the TS WebProxy aka TSWbPrxy component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted...
CVE-2015-0016
Directory traversal vulnerability in the TS WebProxy aka TSWbPrxy component in Microsoft Windows Vista SP2, Windows 7 SP1, Windows Server 2008 R2 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to gain privileges via a crafted...
PT-2015-3408 · Microsoft · Windows
Name of the Vulnerable Software and Affected Versions: Microsoft Windows versions prior to the fixed version Description: The issue is related to a directory traversal vulnerability in the TS WebProxy component, which allows remote attackers to gain privileges via a crafted pathname in an...
Unrestricted file upload
Unrestricted file upload vulnerability in libnonajax.php in the CformsII plugin 14.7 and earlier for WordPress allows remote attackers to execute arbitrary code by uploading a file with an executable extension via the cfuploadfile2 parameter, then accessing the file via a direct request to the fi...
Stud_PE-2.6.05
Exploit Title: StudPE v2.6.05 Stack Overflow PoC exploit Date: 03/28/2010 Author: zha0 Software Link: http://www.cgsoftlabs.ro/studpe.html Version: StudPE v2.6.05 peexe= "\x4D\x5A\x90\x00\x03\x00\x00\x00\x04\x00\x00\x00\xFF\xFF\x00\x00"...
DIZzy-1.12-Local
Exploit Title: DIZzy 1.12 Local Stack Overflow Google Dork: n/a Date: 17/11/2010 Author: g30rg3x shellcode = "\xB8\xFF\xEF\xFF\xFF\xF7\xD0\x2B\xE0\x55\x8B\xEC" + "\x33\xFF\x57\x83\xEC\x04\xC6\x45\xF8\x63\xC6\x45" + "\xF9\x6D\xC6\x45\xFA\x64\xC6\x45\xFB\x2E\xC6\x45" +...
CoolPlayer-Portable-2.19.2-ASLR
Buffer overflow that bypasses ASLR by using a non-aslr module Tested against CoolPlayer Portable version 2.19.2 on Windows Vista Business 32 bit Written by Blake 233 bytes for shellcode available 227 byte windows/exec shellcode = CMD=calc.exe shellcode=...
NCMedia-Sound-Editor-Pro-7.5.1-SEH-DEP
Exploit: NCMedia Sound Editor Pro v7.5.1 SEHDEP Author: b33f - http://www.fuzzysecurity.com/ OS: Windows 7 Pro SP1 probably universal across 32-bit POC - Julien Ahrens XP SP3 Software: http://www.soundeditorpro.com/ import sys, socket, struct file="MRUList201202.dat"...