Cisco AnyConnect Secure Mobility Client and Secure Desktop WebLaunch Software Downgrade Vulnerability

Cisco AnyConnect Secure Mobility Client and Secure Desktop contain a vulnerability that could allow an unauthenticated, remote attacker to replace software components on a targeted system. The vulnerability exists because the affected software performs insufficient validation of user-supplied...

Mac OS X : Java for Mac OS X 10.6 Update 9

The remote Mac OS X host is running a version of Java for Mac OS X 10.6 that is missing Update 9, which updates the Java version to 1.6.033. As such, it is affected by several security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code with the...

Mac OS X : Java for OS X 2012-004

The remote Mac OS X 10.7 host is running a version of Java for Mac OS X that is missing update 2012-004, which updates the Java version to 1.6.033. As such, it is affected by several security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code...

WebSploit Toolkit 1.6 Released

WebSploit Is An Open Source Project For Scan And Analysis Remote System From Vulnerability Description : +Autopwn - Used From Metasploit For Scan and Exploit Target Service +wmap - Scan,Crawler Target Used From Metasploit wmap plugin +format infector - inject reverse & bind payload into file form...

Opera Browser Multiple Vulnerabilities-02 (Jul 2011) - Mac OS X

Opera browser is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SE-2012-01] Security vulnerabilities in Java SE

Dear Bugtraq, Security Explorations, a security and vulnerability research company from Poland, discovered multiple security issues in the latest version of Java Platform Standard Edition Java SE 1 software coming from Oracle Corporation 2. Discovered security issues violate many "Secure Coding...

Mac OS X : Java for OS X Lion 2012-001

The remote Mac OS X host is running a version of Java for Mac OS X 10.7 that is missing update 2012-001, which updates the Java version to 1.6.031. As such, it is affected by several security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code...

NX Web Companion Spoofing Arbitrary Code Execution Vulnerability

Vuln Title: NX Web Companion Spoofing Arbitrary Code Execution Vulnerability Date: 25.01.2012 Author: otr Software Link: http://www.nomachine.com/documents/plugin/install.php Version: = 3.x Tested on: Linux, Windows, Mac OS X x86, Mac OS X PPC, Solaris CVE : None, yet Summary The No Machine NX We...

Oracle Java Applet剪贴板注入远程代码执行漏洞

CVE ID：CVE-2010-4465 Oracle Java Runtime Environment是一款为JAVA应用程序提供可靠的运行环境的解决方案。 由于不充分防御系统剪贴板劫持攻击。当in focus时，恶意组件可无需用户交互获取系统剪贴板的句柄。然后可从剪贴板中读取数据或写入。通过把TransferableProxy对象写入到系统剪贴板，并强制粘贴操作，可调用JRE用户上下文执行任意代码 Oracle Java Runtime 厂商解决方案 用户可参考如下供应商提供的安全公告获得补丁信息：...

Java Applet Rhino Script Engine Remote Code Execution

This module exploits a vulnerability in the Rhino Script Engine that can be used by a Java Applet to run arbitrary Java code outside of the sandbox. The vulnerability affects version 7 and version 6 update 27 and earlier, and should work on any browser that supports Java for example: IE, Firefox,...

Java Applet Rhino Script Engine Remote Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'rex' class Metasploit3 'Jav...

GLSA-201111-05 : Chromium, V8: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-201111-05 Chromium, V8: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact : A context-dependent...

Chromium, V8: Multiple vulnerabilities

Background Chromium is an open-source web browser project. V8 is Google's open source JavaScript engine. Description Multiple vulnerabilities have been discovered in Chromium and V8. Please review the CVE identifiers and release notes referenced below for details. Impact A context-dependent...

Java for Mac OS X 10.6 Update 6 And 10.7 Update 1

This host is missing an important security update according to Java for Mac OS X 10.6 Update 6 and 10.7 Update 1. OpenVAS Vulnerability Test $Id: secpodmacosxjava106upd6and107upd1.nasl 7019 2017-08-29 11:51:27Z teissa $ Java for Mac OS X 10.6 Update 6 And 10.7 Update 1 Authors: Rachana Shetty...

Mac OS X : Java for Mac OS X 10.6 Update 6 (BEAST)

The remote Mac OS X host is running a version of Java for Mac OS X 10.6 that is missing Update 6, which updates the Java version to 1.6.029. It is, therefore, affected by multiple security vulnerabilities, the most serious of which may allow an untrusted Java applet to execute arbitrary code with...

Major DNS Cache Poisoning Attack Hits Brazilian ISPs

There is a large-scale DNS cache-poisoning attack going on in Brazil at the moment, with potentially millions of users affected by a tactic that is forcing the to install a malicious Java applet before they can reach many popular sites, including Google, Gmail and Hotmail. The attack has been goi...

Microsoft Forefront Unified Access Gateway Java Applet Signed Code Execution

Added: 10/17/2011 CVE: CVE-2011-1969 BID: 49983 OSVDB: 76236 Background Microsoft Forefront Unified Access Gateway UAG is a reverse proxy and VPN solution. Problem End users of UAG must install a signed Java applet via MicrosoftClient.jar. This applet loads unsigned Java classes, which may allow ...

Microsoft Forefront Unified Access Gateway Java Applet Signed Code Execution

Added: 10/17/2011 CVE: CVE-2011-1969 BID: 49983 OSVDB: 76236 Background Microsoft Forefront Unified Access Gateway UAG is a reverse proxy and VPN solution. Problem End users of UAG must install a signed Java applet via MicrosoftClient.jar. This applet loads unsigned Java classes, which may allow ...

Microsoft Forefront Unified Access Gateway Java Applet Signed Code Execution

Added: 10/17/2011 CVE: CVE-2011-1969 BID: 49983 OSVDB: 76236 Background Microsoft Forefront Unified Access Gateway UAG is a reverse proxy and VPN solution. Problem End users of UAG must install a signed Java applet via MicrosoftClient.jar. This applet loads unsigned Java classes, which may allow ...

Microsoft Forefront Unified Access Gateway Java Applet Signed Code Execution

Added: 10/17/2011 CVE: CVE-2011-1969 BID: 49983 OSVDB: 76236 Background Microsoft Forefront Unified Access Gateway UAG is a reverse proxy and VPN solution. Problem End users of UAG must install a signed Java applet via MicrosoftClient.jar. This applet loads unsigned Java classes, which may allow ...