80 matches found
EUVD-2011-1399
Malware in sbrugna...
EUVD-2011-1398
Malware in sbrugna...
EUVD-2011-1395
Malware in sbrugna...
SUSE CVE-2012-1751
Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 11.1.0.7, 11.2.0.2, and 11.2.0.3 allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to flashback archive...
Security Bulletin: Rational Rhapsody for Windows Blueberry FlashBack ActiveX Control vulnerabilities (CVE-2011-1388, CVE-2011-1391, CVE-2011-1392)
Summary There are multiple high risk security vulnerabilities with the Blueberry FlashBack ActiveX control shipped by IBM Rational Rhapsody for Windows V7.6 and earlier versions. Problem occurs outside Rhapsody when control is invoked as ActiveX by Microsoft Internet Explorer. Vulnerability Detai...
Cisco RV340 SSL VPN Unauthenticated Remote Code Execution Exploit
This Metasploit module exploits a stack buffer overflow in the Cisco RV series router's SSL VPN functionality. The default SSL VPN configuration is exploitable, with no authentication required and works over the Internet! The stack is executable and no ASLR is in place, which makes exploitation...
Cisco RV340 SSL VPN Unauthenticated Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Cisco RV340 SSL VPN Unauthenticated Remote Code Execution', 'Description' = %q This module exploits a stack buffer overflow in the Cisco RV serie...
Rockwell FactoryTalk View SE SCADA Unauthenticated Remote Code Execution Exploit
This Metasploit module exploits a series of vulnerabilities to achieve unauthenticated remote code execution on the Rockwell FactoryTalk View SE SCADA product as the IIS user. The attack relies on the chaining of five separate vulnerabilities. The first vulnerability is an unauthenticated project...
Inductive Automation Ignition Remote Code Execution Exploit
This Metasploit module exploits a Java deserialization vulnerability in the Inductive Automation Ignition SCADA product, versions 8.0.0 to and including 8.0.7. This exploit was tested on versions 8.0.0 and 8.0.7 on both Linux and Windows. The default configuration is exploitable by an...
NETGEAR R6700v3 Password Reset / Remote Code Execution Exploit
This document describes a stack overflow vulnerability that was found in October, 2019 and presented in the Pwn2Own Mobile 2019 competition in November 2019. The vulnerability is present in the UPNP daemon /usr/sbin/upnpd, running on NETGEAR R6700v3 router with firmware versions V1.0.4.8210.0.57...
Inductive Automation Ignition Remote Code Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Inductive Automation Ignition Remote Code Execution', 'Description' = %q This module exploits a Java deserialization vulnerability in the Inducti...
TP-Link Archer A7/C7 Unauthenticated LAN Remote Code Execution Exploit
This Metasploit module exploits a command injection vulnerability in the tdpServer daemon /usr/bin/tdpServer, running on the router TP-Link Archer A7/C7 AC1750, hardware version 5, MIPS Architecture, firmware version 190726. The vulnerability can only be exploited by an attacker on the LAN side o...
TP-Link Archer A7/C7 Unauthenticated LAN Remote Code Execution
This module exploits a command injection vulnerability in the tdpServer daemon /usr/bin/tdpServer, running on the router TP-Link Archer A7/C7 AC1750, hardware version 5, MIPS Architecture, firmware version 190726. The vulnerability can only be exploited by an attacker on the LAN side of the route...
Integer Overflow Vulnerability in QQ Browser
QQ Browser is a browser. An integer overflow vulnerability exists in QQ Browser. An attacker can exploit the vulnerability to cause the browser to crash and flashback...
Generic OS X Malware Detection Method Explained
When it comes to detecting OS X malware, the future may not be rooted in machine learning algorithms, but patterns and heatmap visualization, a researcher posits. In an academic paper published by Virus Bulletin on Monday, Vincent Van Mieghem, a former student at the Delft University of Technolog...
Blueberry Express 5.9.0.3678 - SEH Buffer Overflow Exploit
Exploit for windows platform in category local exploits Document Title: =============== Blueberry Express v5.9.x - SEH Buffer Overflow Vulnerability Product & Service Introduction: =============================== Create engaging movies by adding text, sound and images to your screen recording. Ma...
Mac OS X Flashback Trojan is still alive, recently infected 22,000 Apple machines
The Flashback Trojan, the most sophisticated piece of malware that infected over 600,000 Apple's Macs systems back in April, 2012 is still alive and has infected about 22,000 machines recently, according to the researchers from Intego. For a refresh, Flashback Trojan was first discovered in...
Clues About Flashback Creator Come Together
Nearly a year since the Flashback Trojan surfaced and ultimately infected more than 600,000 Apple OS X computers, the author of the malware may haven been discovered. After some sleuthing by security bloggers Brian Krebs over the past year – documented today on the Krebs on Security blog – the...
Apple Breached by Facebook Hackers Using Java Exploit
Apple is the latest major American company to enter the security confessional and disclose it has been breached. The company told Reuters today it was attacked by the same crew that hit Facebook, which disclosed its breach last Friday, and that like the social media giant, no data had been stolen...
Dockster Mac Malware Targets Dalai Lama Website Through Flashback Vulnerability
Mac malware targeting Tibetan supporters is being served on a website connected to the Dalai Lama. The Dockster Trojan, discovered by researchers at F-Secure, exploits the same Java vulnerability as the virulent Flashback Trojan that hit more than 600,000 OS X users earlier this year. F-Secure...