Microsoft Windows Kernel - Use-After-Free with Printer Device Contexts (MS15-097)

Microsoft Windows Kernel - Use-After-Free with Printer Device Contexts MS15-097 Source: https://code.google.com/p/google-security-research/issues/detail?id=433 --- The attached PoC demonstrates a UAF condition with printer device contexts. The PoC will trigger on Win 7 32-bit with Special Pool...

Microsoft Windows Kernel - Use-After-Free with Printer Device Contexts (MS15-097)

Source: https://code.google.com/p/google-security-research/issues/detail?id=433 --- The attached PoC demonstrates a UAF condition with printer device contexts. The PoC will trigger on Win 7 32-bit with Special Pool enabled. --- Proof of Concept:...

JVN#07427376: PIXMA MG7500 Series vulnerable to cross-site request forgery

PIXMA MG7500 Series provided by Canon Inc. contain a cross-site request forgery vulnerability. Impact If a user views a malicious page while logged into the Remote UI, unintended operations may be performed. Solution Apply a Workaround The following workaround can mitigate the affects of this...

IPPUSBXD Elevation of Privilege Vulnerability

IPPUSBXD is a daemon for the IPP-over-USB printer support program. A security vulnerability exists in IPPUSBXD versions prior to 1.22, which originates from the program listening on all interfaces. A remote attacker could exploit the vulnerability by sending a direct request to gain access to a...

Design/Logic Flaw

Multiple use-after-free vulnerabilities in the PrintWebViewHelper class in components/printing/renderer/printwebviewhelper.cc in Google Chrome before 45.0.2454.85 allow user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact by triggering nested IPC...

CVE-2015-1295

Multiple use-after-free vulnerabilities in the PrintWebViewHelper class in components/printing/renderer/printwebviewhelper.cc in Google Chrome before 45.0.2454.85 allow user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact by triggering nested IPC...

chromium-browser: Use-after-free in Printing

Multiple use-after-free vulnerabilities in the PrintWebViewHelper class in components/printing/renderer/printwebviewhelper.cc in Google Chrome before 45.0.2454.85 allow user-assisted remote attackers to cause a denial of service or possibly have unspecified other impact by triggering nested IPC...

CVE-2015-6520

CVE-2015-6520 affects ippusbxd (cups-filters) prior to 1.22. The daemon listens on all interfaces, enabling remote attackers to access USB-connected printers via a direct request. Impact is local network exposure of printers; Ubuntu announced USN-2725-1 with a fix in cups-filters-ippusbxd 1.0.67-...

Samsung SyncThruWeb 2.01.00.26 - SMB Hash Disclosure

Samsung SyncThruWeb 2.01.00.26 - SMB Hash Disclosure Exploit Title: Samsung SyncThruWeb SMB Hash Disclosure Date: 8/28/15 Exploit Author: Shad Malloy Contact: http://twitter.com/SecureNM Website: https://securenetworkmanagement.com Vendor Homepage: http://www.samsung.com Software Link:...

USN-2725-1: cups-filters vulnerability

Seth Arnold discovered that ippusbxd in the cups-filters package would incorrectly listen to all configured network interfaces. A remote attacker could use this issue to possibly access locally-connected printers...

Printer Pro 5.4.3 IOS - Cross Site Scripting Vulnerability

Exploit for iOS platform in category local exploits Document Title: =============== Printer Pro 5.4.3 IOS - Cross Site Scripting Credits & Authors: ================== TaurusOmar - @TaurusOmar email protected taurusomar.blogspot.com Release Date: ============= 2015-08-11 Product & Service...

Printer Pro 5.4.3 IOS - Persistent Cross-Site Scripting

Printer Pro 5.4.3 IOS - Persistent Cross-Site Scripting Document Title: =============== Printer Pro 5.4.3 IOS - Cross Site Scripting Credits & Authors: ================== TaurusOmar - @TaurusOmar [email protected] taurusomar.blogspot.com Release Date: ============= 2015-08-11 Product & Servi...

Printer Pro 5.4.3 IOS - Persistent Cross-Site Scripting

Document Title: =============== Printer Pro 5.4.3 IOS - Cross Site Scripting Credits & Authors: ================== TaurusOmar - @TaurusOmar [email protected] taurusomar.blogspot.com Release Date: ============= 2015-08-11 Product & Service Introduction: =============================== Print...

Printer Pro 5.4.3 Cross Site Scripting

Document Title: =============== Printer Pro 5.4.3 IOS - Cross Site Scripting Credits & Authors: ================== TaurusOmar - @TaurusOmar [email protected] taurusomar.blogspot.com Release Date: ============= 2015-08-11 Product & Service Introduction: =============================== Print...

CVE-2003-1603

GE Healthcare Discovery VH has a default password of 1 interfile for the ftpclient user of the Interfile server or 2 "2" for the LOCAL user of the FTP server for the Codonics printer, which has unspecified impact and attack vectors...

CVE-2003-1603

CVE-2003-1603 affects GE Healthcare Discovery VH and Millenium VG (and related GE devices listed in ICS advisory) due to default/hard-coded credentials. Root cause: credentials (ftpclient: interfile; LOCAL: 2) left unchanged, enabling remote authentication bypass. Impact in sources: potential rem...

CVE-2003-1603

GE Healthcare Discovery VH has a default password of 1 interfile for the ftpclient user of the Interfile server or 2 "2" for the LOCAL user of the FTP server for the Codonics printer, which has unspecified impact and attack vectors...

CVE-2001-1594

GE Healthcare eNTEGRA P&R has a password of 1 entegra for the entegra user, 2 passme for the super user of the Polestar/Polestar-i Starlink 4 upgrade, 3 0 for the entegra user of the Codonics printer FTP service, 4 eNTEGRA for the eNTEGRA P&R user account, 5 insite for the WinVNC Login, and...

USN-2699-1: HPLIP vulnerability

Enrico Zini discovered that HPLIP used a short GPG key ID when downloading keys from the keyserver. An attacker could possibly use this to return a different key with a duplicate short key id and perform a machine-in-the-middle attack on printer plugin installations...

USN-2699-1 hplip vulnerability

Enrico Zini discovered that HPLIP used a short GPG key ID when downloading keys from the keyserver. An attacker could possibly use this to return a different key with a duplicate short key id and perform a machine-in-the-middle attack on printer plugin installations...