Cisco TC Software SIP Implementation Vulnerability
A vulnerability in the Session Initiation Protocol (SIP) implementation used in TC Software could allow an unauthenticated, remote attacker to cause an endpoint to process unintended SIP NOTIFY messages. The vulnerability is due to errors in the SIP implementation. An attacker could exploit this...
FileCOPA FTP Server - Remote Denial of Service
Source: https://www.securityfocus.com/bid/60909/info FileCOPA FTP Server is prone to a remote denial-of-service vulnerability. Attackers can exploit this issue to crash the affected application, denying service to legitimate users. FileCOPA FTP Serve...
Cisco Prime for HCS Assurance Information Disclosure Vulnerability
A vulnerability in the web framework could allow an unauthenticated, remote attacker to access information about internal file system resources such as paths and names of files and directories. The vulnerability is due to insufficient security hardening of replies to crafted HTTP requests. An attacke...
Cisco Access Control Server Privilege Escalation Vulnerability
A vulnerability in the administrative web interface of Cisco Access Control Server could allow an authenticated, remote attacker to access the report view functions of the portal without being given the proper privileges. The vulnerability is due to a failure to properly secure the report view...
WordPress Plugin WP-SendSms 1.0 - Multiple Vulnerabilities
Cisco ACE Log Retention Denial of Service Vulnerability
A vulnerability in the SSL logging daemon of Cisco Application Control Engine (ACE) could allow an unauthenticated, remote attacker to cause a denial of service condition on the affected device. The vulnerability occurs because the Cisco ACE fails to rotate logs from SSL sessions, exhausting the ha...
Cisco WebEx Social Client-Side Restriction Bypass Attribute Change Vulnerability
A vulnerability in the user management page of WebEx Social could allow an authenticated, remote attacker to inject arbitrary values into the Screen Name, Email Address, First Name, Middle Name, Last Name, and Job Title fields. The vulnerability is due to insufficient server-side validation of...
Microsoft Windows Media Player 11.0.0 - '.wav' Crash (PoC)
Title : Windows Media Player 11.0.0 .wav Crash PoC Date: 2013-01-12 Software Link: http://windows.microsoft.com/fr-fr/windows/windows-media-player Vendor : http://www.commentcamarche.net/download/start/telecharger-34055100-windows-media-player Author: Asesino04 Tested on: Windows XP SP2 Home:...
Easy Icon Maker 5.01 - Crash (PoC)
Exploit Title: Easy Icon Maker Version 5.01 Crash PoC vulnerability Date: 28-04-2013 Exploit Author: Asesino04 Vendor Homepage: link Software Link: http://www.icon-maker.com/iconmaker.exe Version: 5.01 & old versions Tested on: Windows 7 Introduction :...
Google pays $31,336 bounty to hacker for reporting critical vulnerabilities in Chrome
Google has fixed a series of serious vulnerabilities in its Chrome OS, including three high-risk bugs that could be used for code execution on vulnerable machines. Bug bounties, the cash prizes offered by open source communities to anyone who finds key software bugs, have been steadily on the ri...
Cisco Nexus 7000 Frame Forwarding Loop Denial of Service Vulnerability
Cisco NX-OS Software running on Nexus 7000 Series Switches contains a vulnerability that could allow an unauthenticated, remote attacker with access to an adjacent network to cause a denial of service (DoS) condition. The vulnerability is due to mishandling of a specific type of nonstandard Etherne...
EspCMS Admin Login Bypass Vulnerability Re-exploited (Re-exploited!)
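Brief description: To be clear, this vulnerability was submitted to the 360 vulnerability platform on 04/13, and the vendor then fixed it on 04/22. What is being submitted to wooyun now is a method that bypasses the vendor's fix, so the flaw can still be exploited. It can be considered an old vulnerability brought back from the dead, and it should not be counted as the same vulnerability submitted to two places; I hope the relevant parties can understand this, even though the code is very similar. Detailed description:...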
Google Fixes Three High-Risk Flaws in Chrome OS
Google has fixed a series of serious vulnerabilities in its Chrome OS, including three high-risk bugs that could be used for code execution on vulnerable machines. As part of its reward program, Google paid out more than $30,000 to a researcher who found three of the vulnerabilities. All of the...
Cisco Host Scan Component of AnyConnect Secure Mobility and Secure Desktop Privilege Elevation Vulnerability
The Cisco Host Scan component of Cisco AnyConnect Secure Mobility and Cisco Secure Desktop contains multiple vulnerabilities that could allow a local, unprivileged user to elevate privileges to those of SYSTEM. Cisco has confirmed the vulnerability in a security notice and software updates are...
Cisco Host Scan Component of AnyConnect Secure Mobility and Secure Desktop Heap Overflow Vulnerability
The Cisco Host Scan component of Cisco AnyConnect Secure Mobility and Cisco Secure Desktop contains a heap overflow vulnerability that could allow a local, unprivileged user to elevate its privileges to those of SYSTEM. Cisco has confirmed the vulnerability in a security notice and software updat...
Easy DVD Player V3.5.1 (libav) libavcodec_plugin.dll DOS
Exploit for Windows platform in category dos / poc. #!/usr/bin/python Exploit Title: Easy DVD Player libav libavcodec_plugin.dll DOS Download link: http://www.easy-dvd-player.com/download.htm Author: metacom version: version V3.5.1 Category: poc Tested on: windows 7 German ''' read violation on...
Groovy Media Player 3.2.0 Buffer Overflow Vulnerability
Groovy Media Player version 3.2.0 suffers from a buffer overflow vulnerability. Title: Groovy Media Player 3.2.0 Buffer Overflow Vulnerability Credit: Name: Akshaysinh Vaghela Company/affiliation: Cyberoam Technologies Private Limited Website: www.cyberoam.com CVE: CVE-2013-2760...
Easy DVD Player 3.5.1 - libav 'libavcodec_plugin.dll' Denial of Service
#!/usr/bin/python Exploit Title: Easy DVD Player libav libavcodec_plugin.dll DOS Download link: http://www.easy-dvd-player.com/download.htm Author: metacom version: version V3.5.1 Category: poc Tested on: windows 7 German ''' read violation on 0x00000010 libavcodec_plugin.dll 714.520: Access violatio...
Verizon Fios Router MI424WR-GEN3I - CSRF Vulnerability
Advisory/Video: http://infosec42.blogspot.com/2013/03/verizon-fios-router-csrf-cve-2013-0126.html US CERT Disclosure: http://www.kb.cert.org/vuls/id/278204 Exploit Code: HTML FILE 1 Cisco Verizon FIOS CSRF - Adding Administrator User Please sit tight while we upgrade your router function CSRF1...
Verizon Fios Router MI424WR-GEN3I - Cross-Site Request Forgery
Exploit Title: Verizon Fios Router CSRF Admin Shell Date: Discovered and reported January 2013 Author: Jacob Holcomb/Gimppy - Security Analyst @ Independent Security Evaluators Software: Verizon FIOS Router - Firmware 40.19.36 http://verizon.com CVE: CVE-2013-0126 Advisory/Video:...