Ghisler Total Commander FileInfo plugin Denial of Service Vulnerability
Ghisler Total Commander (formerly Windows Commander) is a suite of disk file management software from the Swiss company Ghisler that replaces Explorer. File Info is one of the file information plug-ins. A security vulnerability exists in the Ghisler Total Commander File Info plug-in. A remote attack...
CVE-2015-2869
Affected software: Total Commander FileInfo plugin (version 2.21 affected, fixed in 2.22 per TALOS report). Vulnerability type: Out‑of‑bounds read leading to denial of service and possible application termination. Root cause: Attacker-controlled fields in COFF Archive and LE structures (Archive M...
WordPress Front End Repository Manager Plugin <= 1.1 - Arbitrary File Upload
Because of this vulnerability, users can upload malicious executable scripts. Solution Update the plugin...
Fedora Update for jenkins-executable-war FEDORA-2015-5430
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Android Debuggerd Debugger Device Memory Leak Vulnerability
debuggerd is a diagnostic daemon that comes with the Android system for handling abnormal program exits. This process can detect a program crash and output the process status information of the crashed program to a file and the serial port. Debuggerd 4.0 (Ice Cream Sandwich) to Lollipop 5.x suffers from a security...
CVE-2015-1900
IBM InfoSphere DataStage 8.1, 8.5, 8.7, 9.1, and 11.3 through 11.3.1.2 on UNIX allows local users to write to executable files, and consequently obtain root privileges, via unspecified vectors...
Linux/x86 - exec('/bin/dash') shellcode 45 bytes
Linux/x86 - exec('/bin/dash') shellcode 45 bytes. Shellcode exploit for lin_x86 platform / Title: Linux/x86 exec('/bin/dash') - shellcode 45 bytes Platform: linux/x86_64 Date: 2015-06-15 Author: Mohammad Reza Espargham Linkedin : https://ir.linkedin.com/in/rezasp E-Mail : meatrezadotes ,...
CVE-2015-4607
Unrestricted file upload vulnerability in the Frontend User Upload (feupload) extension 0.5.0 and earlier for TYPO3 allows remote attackers to execute arbitrary code by uploading a file with an executable extension using a frontend form, then accessing it via a direct request to the file in the...
Unrestricted file upload
Unrestricted file upload vulnerability in the Job Fair (jobfair) extension before 1.0.1 for TYPO3, when using Apache with mod_mime, allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in the extension...
Adware-Laden Skype Botnet Disrupted
Skype, Microsoft’s now ubiquitous video/messenger program, has long been a go-to destination for attackers looking to peddle their malware. The latest campaign to leverage the software – a botnet circulating adware, composed entirely of Skype users – was recently disrupted by researchers. Ronnie...
IBM Security AppScan Standard 9.0.2 - OLE Automation Array Remote Code Execution
!/usr/bin/python import BaseHTTPServer, socket IBM Security AppScan Standard OLE Automation Array Remote Code Execution Author: Naser Farhadi Linkedin: http://ir.linkedin.com/pub/naser-farhadi/85/b3b/909 Date: 1 June 2015 Version: function runmumaa On Error Resume Next set shell=createobject"Shel...
Threat Outbreak Alert RuleID8337: Email Messages Distributing Malicious Software on January 21, 2016
Medium Alert ID: 38981 First Published: 2015 May 23 03:13 GMT Last Updated: 2016 January 21 20:55 GMT Version: 30 Summary Email messages that are related to this threat RuleID8337 and RuleID8337KVR may contain the following files: Name | Size in Bytes | MD5 Checksum ---|---|--- Pay Slip.zip /...
Lenovo System Update Privilege Escalation Exploit
Exploit for hardware platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class Metasploit3 'Lenovo System Update Privilege Escalation', 'Description' = %q The named pipe, \SUPipeServer,...
SecuritySoftView - Displays the AntiVirus / AntiSpyware / Firewall registered with the security center of Windows
SecuritySoftView is a simple tool that displays the AntiVirus, AntiSpyware, and Firewall programs that are currently installed on your system and registered with the security center of Windows operating system. System Requirements This utility works on any version of Windows, starting from Window...
SUSE SLES11 Security Update : java-1_7_0-ibm (SUSE-SU-2013:1256-1)
IBM Java 1.7.0 has been updated to SR5 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ Also the following bugs have been fixed: - add Europe/Busingen to tzmappings (bnc#817062) - mark files in jre/bin and bin/ as executable (bnc#823034) Note that...
Adobe Acrobat and Reader Buffer Overflow (APSB15-10: CVE-2015-3048)
A buffer overflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while creating a new broker process for the IE EPM sandbox. A remote attacker can exploit this issue by enticing a victim to open a specially crafted...
Rockwell Automation RSLinx Classic Vulnerability
RSLinx Classic is used to enable communication between Rockwell Software applications within an industrial control system. A stack buffer overflow vulnerability exists in the implementation of OPCTest.exe in RSLinx Classic versions prior to 3.73.00. This allows an attacker to exploit this...
HUAWEI MobiConnect weak permissions
Weak permissions for executable files...
EasyCTF Arbitrary File Content Write Vulnerability
EasyCTF is a CGI program for scoring CTFs. EasyCTF has an unspecified security vulnerability that could be exploited by remote attackers to write arbitrary executable content to a file...
CVE-2015-0912
EasyCTF before 1.4 allows remote authenticated users to write executable content to files via unspecified vectors...