Total Video Player 1.3.1 - 'Settings.ini' Local Buffer Overflow (SEH) (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Total Video Player 1.3.1 Settings.ini - SEH Buffer Overflow', 'Description' = %q This module exploits a buffer overflow in Total Vid...

Total Video Player 1.3.1 (Settings.ini) - SEH Buffer Overflow

This module exploits a buffer overflow in Total Video Player 1.3.1. The vulnerability occurs opening malformed Settings.ini file e.g. "C:\Program Files\Total Video Player". This module has been tested successfully on Windows WinXp-Sp3-EN, Windows 7, and Windows 8. This module requires Metasploit:...

Microsoft Ships IE 10 Zero Day Fix-It Tool

Microsoft last night released a Fix-It tool as a temporary mitigation for a zero-day vulnerability in Internet Explorer 10 being exploited by two hacker groups against the Veterans of Foreign Wars in the U.S. as well as a French aerospace manufacturer. IE 9 also contains the same use-after free...

Second Group Seen Using IE 10 Zero Day

There are at least two different groups running attacks exploiting the recently published zero day vulnerability in Internet Explorer 10, and researchers say one of the groups used the bug to impersonate a French aerospace manufacturer and compromise victims visiting the spoofed Web page. The...

Updated moodle package fixes security vulnerabilities

Updated moodle package fixes security vulnerabilities: In Moodle before 2.4.8, some password changes on admin pages were being recorded and shown to administrators in the config log report CVE-2014-0008. In Moodle before 2.4.8, users were able to log in as a user who in a is not in the same group...

WordPress BuddyPress Plugin <= 1.9.1 - XSS

Because of this vulnerability, authenticated users can inject arbitrary web script or HTML via the name field to groups/create/step/group-details. Solution Update the plugin...

Governments Need to Discuss Use of Cyber Weapons

PUNTA CANA–Attacks on critical infrastructure have been grabbing headlines for years now, long before sophisticated operations such as Stuxnet and Flame hit the scene. But we’re probably still in the early stages of the evolution of such attacks, and the use of so-called cyber weapons in these...

Cost of Doing APT Business Dropping

PUNTA CANA–The term APT often is used as a generic descriptor for any group–typically presumed to be government-backed and heavily financed–that is seen attacking high-value targets such as government agencies, critical infrastructure and financial systems. But the range of targets APT groups are...

JGroups: Authentication via cached credentials

The DiagnosticsHandler in JGroup 3.0.x, 3.1.x, 3.2.x before 3.2.9, and 3.3.x before 3.3.3 allows remote attackers to obtain sensitive information diagnostic information and execute arbitrary code by reusing valid credentials...

How do I get my data out of Nexpose? Answer: SQL Query Export

Do any of these these questions sound familiar? "Printable reports are really valuable and I use them on a daily basis. However, is there a section that I can add to show a summary by asset group or site?" "I really like the XML format, but its a little hard to process and I have to write code to...

Blackhole Exploit Kit Successor Years Away

It should shock no one that a viable successor to the Blackhole exploit kit has yet to emerge in the criminal underground. It’s been less than three months since the arrest of its alleged creator Paunch sent cybercriminals reliant on the toolkit scrambling for a replacement. And like any profitab...

SA-CONTRIB-2013-097 - OG Features - Access bypass

This module enables you to enable and disable bundles of functionality for individual Organic groups. In order to provide this functionality, this module must override all menu callbacks available in the system, in order to delegate access based on the current Organic group you are contextually i...

samba security, bug fix, and enhancement update

3.6.9-164 - resolves: 1008574 - Fix offline logon cache not updating for cross child domain group membership. 3.6.9-163 - resolves: 1015359 - Fix CVE-2013-0213 and CVE-2013-0214 in SWAT. 3.6.9-162 - resolves: 978007 - Fix 'valid users' manpage documentation. 3.6.9-161 - resolves: 997338 - Fix...

Total Video Player 1.3.1 - Settings.ini Local Buffer Overflow (SEH)

Total Video Player 1.3.1 - Settings.ini Local Buffer Overflow SEH !/usr/bin/perl Exploit Title: Total Video Player 1.3.1 Settings.ini - SEH Buffer Overflow Date: 11-24-2013 Exploit Author: Mike Czumak Tv3rn1x -- @SecuritySift Vulnerable Software: Total Video Player 1.3.1...

LimeSurvey 2.00+ (build 131107) - Multiple Vulnerabilities

LimeSurvey 2.00+ build 131107 - Multiple Vulnerabilities LimeSurvey v2.00+ build 131107 Script Insertion And SQL Injection Vulnerability Vendor: LimeSurvey Project Team Product web page: http://www.limesurvey.org Affected version: 2.00+ build 131009 2.00+ build 131022 2.00+ build 131031 2.00+...

SA-CONTRIB-2013-095 - Organic Groups - Access bypass

Two issues exist within entity references and permissions relating to OG, allowing users potential access bypass. Posting content into groups where a user is not a member Organic Groups does not sufficiently check the group audience fields e.g. oggroupref field from being populated with invalid...

Fedora 20 : ReviewBoard-1.7.16-2.fc20 / python-djblets-0.7.21-1.fc20 (2013-18840)

Review Board 1.6.19 and 1.7.15 fix a few issues in the API where users could access certain data they should not have been able to access, if using the Local Sites feature, invite-only groups, or private repositories. It also fixes cases with invite-only groups where the group name and list of...

DEBIAN-CVE-2013-4497

The XenAPI backend in OpenStack Compute Nova Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups 1 when resizing an image or 2 during live migration, which allows remote attackers to bypass intended restrictions...

CVE-2013-4497

The XenAPI backend in OpenStack Compute Nova Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups 1 when resizing an image or 2 during live migration, which allows remote attackers to bypass intended restrictions...

CVE-2013-4497

The XenAPI backend in OpenStack Compute Nova Folsom, Grizzly, and Havana before 2013.2 does not properly apply security groups 1 when resizing an image or 2 during live migration, which allows remote attackers to bypass intended restrictions...