CVE-2016-7991

On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542...

CVE-2016-7991

On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542...

CVE-2016-7990

On Samsung Galaxy S4 through S7 devices, an integer overflow condition exists within libomacp.so when parsing OMACP messages within WAP Push SMS messages leading to a heap corruption that can result in Denial of Service and potentially remote code execution, a subset of SVE-2016-6542...

CVE-2016-7989

On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung's implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually...

Design/Logic Flaw

On Samsung Galaxy S4 through S7 devices, a malformed OTA WAP PUSH SMS containing an OMACP message sent remotely triggers an unhandled ArrayIndexOutOfBoundsException in Samsung's implementation of the WifiServiceImpl class within wifi-service.jar. This causes the Android runtime to continually...

Design/Logic Flaw

On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542...

CVE-2016-7989

CVE-2016-7989 affects Samsung Galaxy S4–S7. A malformed OTA WAP PUSH SMS containing an OMACP message triggers an unhandled ArrayIndexOutOfBoundsException in Samsung’s WifiServiceImpl (wifi-service.jar), causing the Android runtime to crash repeatedly and render the device unusable until a factory...

CVE-2016-7991

On Samsung Galaxy S4 through S7 devices, the "omacp" app ignores security information embedded in the OMACP messages resulting in remote unsolicited WAP Push SMS messages being accepted, parsed, and handled by the device, leading to unauthorized configuration changes, a subset of SVE-2016-6542...

CVE-2016-7991

The CVE affects Samsung Galaxy S4 through S7 devices where the omacp app ignores security information embedded in OMACP messages. This allows remote unsolicited WAP Push SMS messages to be accepted, parsed, and acted upon, leading to unauthorized configuration changes. Root cause is the omacp han...

Malicious Links Top Source of Mobile Trojans

Cheetah Mobile says the scourge of Ghost Push malware is still taking its toll on Android devices nearly two years after making its debut. Now the research firm is trying to track down how Ghost Push and other Trojans have remained so prolific despite mitigation efforts. In a report released Frid...

PHP wddx module release re-reference vulnerability

PHP is an open source general-purpose computer scripting language maintained by the PHP Group and the open source community. A heap block release dereference vulnerability exists in the phpwddxpushelement function of the PHP wddx module, which could allow a remote attacker to execute arbitrary co...

Inteno EG101R1 VoIP Router - DNS Change

!/bin/bash Inteno EG101R1 VoIP Router Unauthenticated Remote DNS Change Exploit Copyright 2016 c Todor Donev https://www.ethical-hacker.org/ https://www.facebook.com/ethicalhackerorg Description: The vulnerability exist in the web interface, which is accessible without authentication. Once...

Android Will Alert You When A New Device Logs-in Your Google Account

Google has rolled out a new feature for Android users to keep its users account more secure: Native Android Push Notification when a new device accesses your Google account. Google has already been offering email notification for newly added devices, but since people usually ignore emails, the te...

The vulnerability of the Linux operating system, which allows a malicious individual to trigger a service failure

Improper processing of IPv6 sockets using the UDPCORK option in the udpv6pushpendingframes function can lead to service failures...

openSUSE Security Update : libxml2 (openSUSE-2016-662)

libxml2 was updated to fix security issues and a regression from the last version update. Security issues fixed : - CVE-2016-3627: Fixed stack exhaustion while parsing certain XML files in recovery mode bnc972335. - CVE-2016-3705: Improved protection against the Billion Laughs Attack bnc975947...

Getting Started with Citrix Secure Mail

The purpose of this getting started guide is to provide a reference document with key information about Citrix Citrix Secure Mail. Navigation: What is Secure Mail? Citrix Secure Mail Connection Modes List of Supported Mail Servers Citrix Secure Mail w/ IBM Notes Supported File Formats Push...

CVE-2016-3630

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a 1 clone, 2 push, or 3 pull command, related to a a list sizing rounding error and b short records...

DEBIAN-CVE-2016-3630

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a 1 clone, 2 push, or 3 pull command, related to a a list sizing rounding error and b short records...

PYSEC-2016-29

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a 1 clone, 2 push, or 3 pull command, related to a a list sizing rounding error and b short records...

PYSEC-2016-29

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a 1 clone, 2 push, or 3 pull command, related to a a list sizing rounding error and b short records...