CVE-2017-7530

It was found that privilege check is missing when invoking arbitrary methods via filtering on VMs that MiqExpression will execute that is triggerable by API users. An attacker could use this to execute actions they should not be allowed to e.g. destroying VMs...

Revoke-Obfuscation: PowerShell Obfuscation Detection Using Science

Many attackers continue to leverage PowerShell as a part of their malware ecosystem, mostly delivered and executed by malicious binaries and documents. Of malware that uses PowerShell, the most prevalent use is the garden-variety stager: an executable or document macro that launches PowerShell to...

CopyKittens Exposed by ClearSky and Trend Micro

CopyKittens is a cyberespionage group that ClearSky has been reporting on since 2015, tracking their attacks on government-related bodies around the world. Trend Micro has supported this research at several points, including for their latest report released today on the group’s vast espionage...

CVE-2017-7685

Apache OpenMeetings 1.0.0 responds to the following insecure HTTP methods: PUT, DELETE, HEAD, and PATCH...

Design/Logic Flaw

Apache OpenMeetings 1.0.0 responds to the following insecure HTTP methods: PUT, DELETE, HEAD, and PATCH...

CVE-2017-7685

Apache OpenMeetings 1.0.0 responds to the following insecure HTTP methods: PUT, DELETE, HEAD, and PATCH...

CVE-2017-7685

Apache OpenMeetings 1.0.0 is reported to respond to insecure HTTP methods (PUT, DELETE, HEAD, PATCH). The available connected sources confirm this behavior but do not provide concrete details on root cause, affected versions beyond 1.0.0, exploit scenarios, or remediation steps. No fixes or mitig...

Apache Httpd < 2.4.28 : Use-after-free when using <Limit > with an unrecognized method in .htaccess ("OptionsBleed")

When an unrecognized HTTP Method is given in an directive in an .htaccess file, and that .htaccess file is processed by the corresponding request, the global methods table is corrupted in the current worker process, resulting in erratic behaviour. This behavior may be avoided by listing all unusu...

Apache Httpd < 2.2.35-never : Use-after-free when using <Limit > with an unrecognized method in .htaccess ("OptionsBleed")

When an unrecognized HTTP Method is given in an directive in an .htaccess file, and that .htaccess file is processed by the corresponding request, the global methods table is corrupted in the current worker process, resulting in erratic behaviour. This behavior may be avoided by listing all unusu...

Description of the security update for Office 2010: July 11, 2017

Description of the security update for Office 2010: July 11, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...

Apache ActiveMQ Fileserver remote code execution vulnerability(CVE-2016-3088)

Author: The know Chong Yu 404 laboratory 1. Background overview ActiveMQ is an Apache Software Foundation under an open source message-driven middleware software. Jetty is an open source servlet container, it is based on Java web container such as JSP and servlet to provide the running...

Description of the security update for Outlook 2010: June 13, 2017

Description of the security update for Outlook 2010: June 13, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...

Description of the security update for Word 2010: June 13, 2017

Description of the security update for Word 2010: June 13, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Common...

Description of the security update for Skype for Business 2016: June 13, 2017

Description of the security update for Skype for Business 2016: June 13, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft...

Microsoft Internet Explorer InsertRow Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Weblate: Weblate |Security Misconfiguration| Method Enumeration Possible on domain

Hi Team, I have found an instance in application where application is alllowing OPTIONS method to be processed in HTTP request from weblate.org and in response to my request i got the information that these methods are allowed by application server "GET, HEAD, OPTIONS" Ideally server should not...

Fraudsters Exploited Lax Security at Equifax’s TALX Payroll Division

Identity thieves who specialize in tax refund fraud had big help this past tax year from Equifax, one of the nation's largest consumer data brokers and credit bureaus. The trouble stems from TALX, an Equifax subsidiary that provides online payroll, HR and tax services. Equifax says crooks were ab...

Description of the security update for Office Online Server: May 9, 2017

Description of the security update for Office Online Server: May 9, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft Commo...

Description of the security update for 2007 Microsoft Office Suite: May 9, 2017

Description of the security update for 2007 Microsoft Office Suite: May 9, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsof...

PowerStager - A payload stager using PowerShell

This script creates an executable stager that downloads a selected powershell payload, loads it into memory and executes it using obfuscated EC methods. The script will also encrypt the stager for dynamic signatures and some additional obfuscation. This enables the actual payload to be executed...