IBM Security Guardium Access Privilege Vulnerability

IBM Security Guardium is a data activity monitor product from IBM USA. The product offers features such as automated controls for compliance and protection against internal and external threats. A security vulnerability exists in the diag script of IBM Security Guardium. A local attacker could...

Two Instagram Android App Security Vulnerabilities

Affected app: Instagram for Android Affected versions: 4.0.2 and 4.1.2, probably also earlier versions as well as iOS affected. Summary After the Instagram iOS vulnerability discovered last year 1, the app's HTTP API has been extended with a cryptographic authentication for changes like "likes" a...

Small windows can be used in several ways to trick users into executing downloads

When the download dialog is displayed, it should always be visible to the user, to ensure that the user realizes it is there. If the dialog is displayed in a small enough window, the user may not realize it is being displayed, and if the right keyboard sequence is carefully followed, they can end...

mmouse-exec NSE Script

Connects to an RPA Tech Mobile Mouse server, starts an application and sends a sequence of keys to it. Any application that the user has access to can be started and the key sequence is sent to the application after it has been started. The Mobile Mouse server runs on OS X, Windows and Linux and...

Design/Logic Flaw

The Cisco PIX/ASA Finesse Operation System 7.1 and 7.2 allows local users to gain privileges by entering characters at the enable prompt, erasing these characters via the Backspace key, and then holding down the Backspace key for one second after erasing the final character. NOTE: third parties,...