153 matches found
SoftZone office demo prone to denial of service vulnerability
SoftZone Office RZoffice is an office software, which is compatible with MS Office and consists of three parts: word processing, spreadsheet and presentation. A denial-of-service vulnerability exists in RZoffice Presentations.exe when processing special ppt files. An attacker can exploit the...
CVE-2017-12626
Apache POI in versions prior to release 3.17 are vulnerable to Denial of Service Attacks: 1 Infinite Loops while parsing crafted WMF, EMF, MSG and macros POI bugs 61338 and 61294, and 2 Out of Memory Exceptions while parsing crafted DOC, PPT and XLS POI bugs 52372 and 61295...
Open-Xchange: Stored XSS
Vulnerability Details: Script code within Presentations is being executed when transferring it to the clipboard. This is done by "copying" or "cutting" text using keyboard commands. Risk: Malicious script code can be executed within a users context. This can lead to session hijacking or triggerin...
Call For Customer Presentations at RSA Conference 2018!
Tell your security story to your peers at RSA Conference 2018 San Francisco! Qualys is looking for customers excited to share their security and DevSecOps successes, best practices and case studies leveraging the use of the Qualys Cloud Platform. Take the stage in the Qualys booth to share your...
icmai.in XSS vulnerability
Open Bug Bounty ID: OBB-422897 Description| Value ---|--- Affected Website:| icmai.in Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat Sheet...
ISACA Moscow Vulnerability Management Meetup 2017
Last Thursday, I attended a very interesting event entirely dedicated to Vulnerability Management - open ISACA Moscow meetup. Me and my former colleague from Mail.Ru Group Dmitry Chernobaj presented there our joint report "Enterprise Vulnerability Management: fancy marketing brochures and the...
Call for Papers: Qualys Security Conference 2017
Our annual user conference, QSC17, is quickly approaching and we are looking for customer presentations that showcase hot topics related to security and best practices via case studies leveraging the use of Qualys technologies. If you would like to be considered as a presenter, please send a...
icmai.in XSS vulnerability
Vulnerable URL: http://icmai.in/Knowledge-Bank/presentations2.php?page=5%22%3E%3Ch1%3EM0ns7er%3C/h1%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E%3C/br%3E Details: Description| Value ---|--- Patched:| No Latest check for patch:| 03.08.2017 Vulnerability type:| XSS Vulnerability status:|...
We want YOU...to speak at UNITED 2017!
Are you an IT or security professional who secretly dreams of speaking to a group of passionate people facing the same challenges and celebrating the same victories as you? Dream no more: For the next three weeks, were accepting submissions for presentations at UNITED 2017 September 13-14 in...
CISO Forum 2017
Last week I have attended CISO Forum 2017 in Moscow. I was talking there about "Vulnerability Quadrants: automated hot topic detection in public vulnerability CVE flow". Today I want to share my impressions about the forum itself. To be short, I liked it very much. Both exhibition and...
THN Deal: Complete Linux Certification Training (Save 97%)
If you are also searching for the answers to what skills are needed for a job in cyber security, you should know that this varies widely based upon the responsibilities of a particular role, the type of company you want to work with, and especially on it’s IT architect. However, Linux is the most...
FreeBSD : Apache OpenOffice 4.1.2 -- Memory Corruption Vulnerability (Impress Presentations) (72f71e26-4f69-11e6-ac37-ac9e174be3af)
The Apache OpenOffice Project reports : An OpenDocument Presentation .ODP or Presentation Template .OTP file can contain invalid presentation elements that lead to memory corruption when the document is loaded in Apache OpenOffice Impress. The defect may cause the document to appear as corrupted...
Apache OpenOffice 4.1.2 -- Memory Corruption Vulnerability (Impress Presentations)
The Apache OpenOffice Project reports: An OpenDocument Presentation .ODP or Presentation Template .OTP file can contain invalid presentation elements that lead to memory corruption when the document is loaded in Apache OpenOffice Impress. The defect may cause the document to appear as corrupted a...
Office HD: Presentations BASIC - Base64 encoded String, Customized SSL, Insecure KeyStore vulnerabilities
HackApp vulnerability scanner discovered that application Office HD: Presentations BASIC published at the 'play' market has multiple vulnerabilities...
Microsoft PowerPoint OfficeArt Atom Remote Code Execution (MS11-022) - Ver2 (CVE-2011-0976)
A remote code execution vulnerability has been identified in Microsoft PowerPoint. Microsoft PowerPoint is a popular graphics software for preparing slides and presentations. A remote attacker could exploit this issue via a malformed PowerPoint file. Successful exploitation of this vulnerability...
Corel Presentations X5 15.0.0.357 (shw) Buffer Preoccupation PoC
No description provided by source...
DefCamp 2013 - International Hacking and Information Security Conference in Romania
The Fourth Edition of an International Information Security Conference hosted in Romania , The DefCamp 2013 is now open for Call for Papers. Over 300 Security experts, Researchers, and Enthusiasts from Romania and neighboring countries are expected to take part in the event in Bucharest, at the...
Fedora Update for apache-poi FEDORA-2012-7686
Check for the Version of apache-poi OpenVAS Vulnerability Test Fedora Update for apache-poi FEDORA-2012-7686 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Fedora Update for apache-poi FEDORA-2012-7683
Check for the Version of apache-poi OpenVAS Vulnerability Test Fedora Update for apache-poi FEDORA-2012-7683 Authors: System Generated Check Copyright: Copyright c 2012 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under...
Developing and Sharing Tools for Professional Hackers
Professional hackers or security testers tend to write a lot of code. We write exploit code, fuzzers, code to handle esoteric protocols and data structures, unpackers, disassemblers, reversers, parsers, and so much more. We write this code because often what we’re doing is so specific that is...