Threat Outbreak Alert: Fake Money Transfer Notification Email Messages on August 21, 2013

Medium Alert ID: 30479 First Published: 2013 August 21 13:18 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a money transfer notification for the recipient. The text in the email message attempts to convince the recipie...

Windows Gather Prefetch File Information

This module gathers prefetch file information from WinXP, Win2k3 and Win7 systems and current values of related registry keys. From each prefetch file we'll collect filetime converted to utc of the last execution, file path hash, run count, filename and the execution path. This module requires...

[The Backdoor Factory] Backdoors win32 PE files

Backdoors win32 PE files, to continue normal file execution if the shellcode supports it, by patching the exe/dll directly. Some executables have built in protections, as such this will not work on all PE files. It is advisable that you test target PE files before deploying them to clients or usi...

Sirefef Malware Found Using Unicode Right-to-Left Override Technique

Old malware tricks never really die, they just get recycled and passed down to the next generation of attackers. The latest technique to get run through the wayback machine is the use of the right-to-left override character in Unicode, a tactic that enables malware authors to hide the real name o...

Threat Outbreak Alert: Fake UPS Parcel Notification Email Messages on August 15, 2013

Medium Alert ID: 30435 First Published: 2013 August 15 17:56 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain a UPS parcel notification for the recipient. The text in the email message attempts to convince the recipient t...

Mandriva Linux Security Advisory : libtiff (MDVSA-2013:208)

Updated libtiff packages fix security vulnerabilities : A heap-based buffer overflow flaw was found in the way tiff2pdf of libtiff performed write of TIFF image content into particular PDF document file, in the tpprocessjpegstrip function. A remote attacker could provide a specially crafted TIFF...

Microsoft Windows - HWND_BROADCAST Low to Medium Integrity Privilege Escalation (MS13-005) (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/exploit/exe' class...

SuSE 11.2 / 11.3 Security Update : java-1_6_0-ibm (SAT Patch Numbers 8105 / 8107)

IBM Java 1.6.0 has been updated to SR14 to fix bugs and security issues. Please see also http://www.ibm.com/developerworks/java/jdk/alerts/ Also the following bugs have been fixed : - add Europe/Busingen to tzmappings. bnc817062 - mark files in jre/bin and bin/ as executable bnc823034 %NASLMINLEV...

Mozilla Thunderbird Multiple Vulnerabilities - August12 (Mac OS X)

This host is installed with Mozilla Thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillathunderbirdmultvulnaug12macosx.nasl 6074 2017-05-05 09:03:14Z teissa $ Mozilla Thunderbird Multiple Vulnerabilities - August12 Mac OS X Authors: Arun Kallavi Copyrigh...

Mozilla Firefox ESR Multiple Vulnerabilities (Aug 2012) - Mac OS X

Mozilla Firefox ESR is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Database Multiple Vulnerabilities (July 2013 CPU)

The remote Oracle database server is missing the July 2013 Critical Patch Update CPU and is, therefore, potentially affected by security issues in the following components : - XML Parser - Network Layer - Oracle Executable - Core RDBMS %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

Comodo Internet Security Denial of Service Vulnerability July 13

The host is installed with Comodo Internet Security and is prone to denial of service vulnerability. OpenVAS Vulnerability Test $Id: gbcomododosvulnjuly13win.nasl 6125 2017-05-15 09:03:42Z teissa $ Comodo Internet Security Denial of Service Vulnerability July 13 Authors: Arun Kallavi Copyright:...

Comodo Internet Security Denial of Service Vulnerability (Jul 2013)

Comodo Internet Security is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OracleVM 2.2 : ovs-agent (OVMSA-2010-0015)

The remote OracleVM system is missing necessary patches to address critical security updates : - Update changelog, fill CVE number. - Fix config-file access mode issue. - Fix file access vulnerability orabug 10142417 CVE-2010-3582 - Fix local privilege escalation orabug 10142476 CVE-2010-3584 - F...

UBUNTU-CVE-2013-1768

The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by...

DEBIAN-CVE-2013-1768

The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by...

CVE-2013-1768

The BrokerFactory functionality in Apache OpenJPA 1.x before 1.2.3 and 2.x before 2.2.2 creates local executable JSP files containing logging trace data produced during deserialization of certain crafted OpenJPA objects, which makes it easier for remote attackers to execute arbitrary code by...

Threat Outbreak Alert: Fake German Payment Form Attachment Email Messages on June 25, 2014

Medium Alert ID: 30027 First Published: 2013 July 11 11:55 GMT Last Updated: 2014 June 26 11:57 GMT Version: 9 Summary Cisco Security has detected significant activity related to German-language spam email messages that claim to contain a payment form notification for the recipient. The text in t...

Design/Logic Flaw

Alstom Grid MiCOM S1 Agile before 1.0.3 and Alstom Grid MiCOM S1 Studio use weak permissions for the MiCOM S1 %PROGRAMFILES% directory, which allows local users to gain privileges via a Trojan horse executable file...

Threat Outbreak Alert: Fake Shipping Order Information Email Messages on August 26, 2013

Medium Alert ID: 30010 First Published: 2013 July 10 16:08 GMT Last Updated: 2013 August 26 18:40 GMT Version: 4 Summary Cisco Security has detected significant activity related to spam email messages that claim to contain shipping order information for the recipient. The text in the email messag...