[SECURITY] Fedora 17 Update: kfourinline-4.10.5-1.fc17

KFourInLine is a four-in-a-row game. The players try to build up a row of four pieces using different strategies. Pieces are placed on a board. The game can also be played against a computer...

TrustGo Antivirus & Mobile Security contains a denial-of-service vulnerability

Overview TrustGo Antivirus & Mobile Security versions 1.2.7 through 1.3.5 contain a denial-of-service CWE-20 vulnerability. Description CWE-20:Improper Input Validation- CVE-2013-3580TrustGo Antivirus & Mobile Security versions 1.2.7 through 1.3.5 crash if an intent is sent to...

Light Audio Mixer 1.0.12 Crash

Exploit Title: Light Audio Mixer Version 1.0.12 .wav - Crash POC Date: 14-07-2013 Exploit Author: ariarat Software Link: http://download.cnet.com/Light-Audio-Mixer/3000-21394-10791607.html Version: 1.0.12 Tested on: Windows XP sp3...

Light Audio Mixer 1.0.12 - '.wav' Crash (PoC)

Exploit Title: Light Audio Mixer Version 1.0.12 .wav - Crash POC Date: 14-07-2013 Exploit Author: ariarat Software Link: http://download.cnet.com/Light-Audio-Mixer/3000-21394-10791607.html Version: 1.0.12 Tested on: Windows XP sp3...

Another Android Master Key Attack Published

A second Android Master Key attack has been reported that takes advantage of the vulnerability in the way Android reads APK files, enabling hackers to modify signed legitimate apps with malware. The vulnerability occurs in the way Android conducts integrity checks on APK files. An attacker could...

VUPEN Security Research - Oracle Java Preloader Click-2-Play Warning Bypass Vulnerability

VUPEN Security Research - Oracle Java Applet Preloader Click-2-Play Warning Bypass Vulnerability Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Java is the foundation for virtually every type of networked application and is the global standa...

Exploit for most critical Android vulnerability publicly released

What if hackers could take an existing legitimate app or update with a valid digital signature, and modify it in order to use it as a malicious Trojan to access everything on your Android phone or tablet? Last week, researchers from Bluebox Security announced that the Android operating system has...

Exploit for most critical Android vulnerability publicly released

What if hackers could take an existing legitimate app or update with a valid digital signature, and modify it in order to use it as a malicious Trojan to access everything on your Android phone or tablet? Last week, researchers from Bluebox Security announced that the Android operating system has...

Android vulnerability allows hackers to modify apps without breaking signatures

Almost all Android handsets are vulnerable to a flaw that could allow hackers to seize control of a device to make calls, send texts, or build a mobile botnet, has been uncovered by Bluebox Security .i.e almost 900 million Android devices globally. Or simply, The Flaw allow hackers to modify any...

Android Vulnerability Bypasses App's Digital Signature

A vulnerability exists in the Android code base that would allow a hacker to modify a legitimate, digitally signed Android application package file APK and not break the app’s cryptographic signature—an action that would normally set off a red flag that something is amiss. Researchers at startup...

Fedora Update for kblocks FEDORA-2013-10130

Check for the Version of kblocks OpenVAS Vulnerability Test Fedora Update for kblocks FEDORA-2013-10130 Authors: System Generated Check Copyright: Copyright c 2013 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

Java Applet Driver Manager Privileged toString() Remote Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' class Metasploit3 false def initialize inf...

Java Applet Driver Manager Privileged toString() Remote Code Execution

This Metasploit module abuses the java.sql.DriverManager class where the toString method is called over user supplied classes, from a doPrivileged block. The vulnerability affects Java version 7u17 and earlier. This exploit bypasses click-to-play on IE throw a specially crafted JNLP file. This...

MiniUPnPd 1.0 - Remote Stack Buffer Overflow Remote Code Execution (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'MiniUPnPd 1.0 Stack Buffer Overflow...

MiniUPnPd 1.0 Stack Buffer Overflow Remote Code Execution

This module exploits the MiniUPnP 1.0 SOAP stack buffer overflow vulnerability present in the SOAPAction HTTP header handling. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'MiniUPnPd 1.0 Stac...

Malicious Firefox, Chrome Extensions Target Facebook Users

Facebook users are being warned of malicious Firefox and Chrome extensions that can give an attacker remote control over a Facebook profile. Microsoft has seen an increase in activity around these extensions, in particular in Brazil. The threat is detected as Trojan:JS/Febipos.A and has been...

Pentagon Decision Moves Android Security in Right Direction

Android’s security gets its share of grief, but perhaps it’s been a bit misguided. Like many other popular open source technologies, there are a number of different flavors of the mobile platform, each with its security properties and nuances. That’s why the Pentagon’s decision to endorse the use...

Pentagon Approves Samsung KNOX Android Platform for DoD

Android has long been the outcast of mobile device security largely because hackers have been adept at getting malware onto the platform via third-party application marketplaces and lax submission policies on Google Play. The security of the operating system itself, however, hasn’t been challenge...

Google Play Android Apps Must Update in Google Store

The Google Play store has been an Eden for hackers wanting to get malicious code onto Android devices. A number of things made the marketplace too tempting for attackers to resist, including the open source nature of the operating system, lax vetting of developers, and the ability to modify code ...

Google bans Facebook and other self updating Android apps

Google just released a new Play Store version 4.0.27 that, contains only very minor tweaks and Google has changed the rules of its Google Play Store to put an end to the practice of developers updating their apps through their own means rather than the official Google Play channel. Shortly before...