IPMap 2.5 Shell Upload Vulnerability

IPMap suffers from remote shell upload vulnerabilities in the mobile IPMap v2.5 app for the apple ipad & iphone. IPMap v2.5 iPad iPhone - Arbitrary File Upload Web Vulnerabilities Introduction: ============= IPMap - IP Address Lookup Details & HTTP Wireless File Sharing with latest WorldWide IP...

Apple iPhone/iPad/iPod touch iOS 6.1之前版本安全绕过漏洞

BUGTRAQ ID: 57598 CVECAN ID: CVE-2013-0963 Apple iOS是由苹果公司开发的操作系统。 Apple iOS内身份认证服务中存在错误处理。当用户的AppleID证书验证失败时，用户的AppleID会被假定为空字符串。当有多个属于不同用户的系统进入这种状态时，依靠该认证方式的应用程序就会产生认证错误。 0 Apple iPhone 4.x Apple iPhone 3.x Apple iOS 3.x Apple iOS 2.x Apple Apple TV 5.x Apple Apple TV 4.x 厂商补丁： Apple -----...

Broadcom DoS on BCM4325 and BCM4329 devices

1. Advisory Information Title: Broadcom DoS on BCM4325 and BCM4329 devices Advisory ID: CORE-2012-0718 Advisory URL: http://www.coresecurity.com/content/broadcom-input-validation-BCM4325-BCM4329 Date published: 2012-10-23 Date of last update: 2012-10-23 Vendors contacted: Broadcom Corporation...

OPlayer 2.0.05 iPhone,iPod TC & iPad - Web Vulnerabilities

Document Title: =============== OPlayer 2.0.05 iPhone,iPod TC & iPad - Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=713 Release Date: ============= 2012-10-02 Vulnerability Laboratory ID VL-ID: ====================================...

OPlayer 2.0.05 iPhone,iPod TC & iPad - Web Vulnerabilities

Document Title: =============== OPlayer 2.0.05 iPhone,iPod TC & iPad - Web Vulnerabilities References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=713 Release Date: ============= 2012-10-02 Vulnerability Laboratory ID VL-ID: ====================================...

OPlayer 2.0.05 iOS Cross Site Scripting

Title: ====== OPlayer v2.0.05 iOS - Multiple Web Vulnerabilities Date: ===== 2012-10-01 References: =========== http://www.vulnerability-lab.com/getcontent.php?id=715 VL-ID: ===== 719 Common Vulnerability Scoring System: ==================================== 4.5 Introduction: ============= OPlayer...

An Interview With Eugene Kaspersky

Eugene Kaspersky has had an interesting, varied life, with more than his share of adventures, successes and challenges. He’s seen and done a lot, but when he learned that he was going to receive an honorary degree from Plymouth University in England he was taken aback. Excited, yes, and humbled,...

CVE-2012-2648

Cross-site scripting XSS vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser...

CVE-2012-2648

Cross-site scripting XSS vulnerability in the GoodReader app 3.16 and earlier for iOS on the iPad, and 3.15.1 and earlier for iOS on the iPhone and iPod touch, allows remote attackers to inject arbitrary web script or HTML via vectors involving use of this app in conjunction with a web browser...

CVE-2012-2648

CVE-2012-2648 is a cross-site scripting (XSS) vulnerability in the GoodReader app for iOS. The issue affects GoodReader versions 3.16 and earlier on the iPad and 3.15.1 and earlier on iPhone/iPod touch, where, when used in conjunction with a web browser, an attacker could inject arbitrary web scr...

PT-2012-4160 · Apple · Goodreader

Name of the Vulnerable Software and Affected Versions: GoodReader app versions 3.16 and earlier for iOS on the iPad GoodReader app versions 3.15.1 and earlier for iOS on the iPhone and iPod touch Description: The issue allows remote attackers to inject arbitrary web script or HTML via vectors...

JVN#01598734: GoodReader vulnerable to cross-site scripting

GoodReader is a document reader for Apple mobile devices. GoodReader contains a cross-site scripting vulnerability. Impact When GoodReader is used through a web browser, an arbitrary script may be executed on the user's web browser. Solution Update the software Update to the latest version...

NBCOlympics application detection for Apple iPad - (accessed) (deprecated)

Binary data 6526.prm...

NBCOlympics application detection for Apple iPad.

Binary data 6527.prm...

CVE-2012-0800

The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 makes it easier for physically proximate attackers to discover passwords by reading the contents of a non-password field, as demonstrated by accessing a create-groups page with Safari on...

CVE-2012-0800

The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 makes it easier for physically proximate attackers to discover passwords by reading the contents of a non-password field, as demonstrated by accessing a create-groups page with Safari on...

Design/Logic Flaw

The form-autocompletion functionality in Moodle 2.0.x before 2.0.7, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 makes it easier for physically proximate attackers to discover passwords by reading the contents of a non-password field, as demonstrated by accessing a create-groups page with Safari on...

Apple iOS 5.1.1 Safari Browser - JS match() search() Crash (PoC)

Apple iOS 5.1.1 Safari Browser - JS match search Crash PoC !/usr/bin/env ruby - Title iOS \n\ Crash PoC\n\ \n\ var s = "poc";\n\ s.match"chrbufferlen";\n\ \n\ "; def help puts "iOS = v5.1.1 Safari Browser JS match, search Crash PoC" puts "$0 -p bindport -h bindaddress --verbose" end Parsing...

Apple Releases iOS 5.1.1

Apple has released iOS 5.1.1 for iPhone, iPod, iPad, and iPad 2 to address multiple vulnerabilities. These vulnerabilities may allow an attacker to execute arbitrary code, perform a cross-site-scripting attack, or spoof a website address. US-CERT encourages users and administrators to review Appl...

Permanent Reverse TCP Backdoor for IPhone and IPad

Security Expert from Coresec explains the use of a Permanent Reverse TCP Backdoor "sbd-1.36" for IPhone and IPad developed by Michel Blomgren. sbd is a Netcat-clone, designed to be portable and offer strong encryption. It runs on Unix-like operating systems and on Microsoft Win32. sbd features...