Exim Internet Mailer Found Vulnerable to RCE And DoS Bugs; Patch Now

A security researcher has discovered and publicly disclosed two critical vulnerabilities in the popular Internet mail message transfer agent Exim, one of which could allow a remote attacker to execute malicious code on the targeted server. Exim is an open source mail transfer agent MTA developed...

HP Printers RCE Vulnerability (CVE-2017-2750)

Multiple HP Printers are vulnerable to remote code execution RCE attacks. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is fr...

HP to Patch RCE Bug Impacting 50 Enterprise Printer Models

UPDATE HP Inc. said it has released firmware patches for dozens of enterprise-class printer models affected by an arbitrary code execution bug. According to a security bulletin posted by HP, the vulnerability CVE-2017-2750 is tied to “insufficient solution DLL signature validation” allowing for...

Apache OpenOffice 'Unquoted Search Path' and RCE Vulnerabilities

Apache OpenOffice is prone to an unquoted windows search path and remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

WordPress: Arbitrary file deletion in wp-core - guides towards RCE and information disclosure

Vulnerable place 1: wp-admin/post.php $newmeta'thumb' is placed into DB not sanitized directly from user input. case 'editattachment': checkadminreferer'update-post' . $postid; // Don't let these be changed unset$POST'guid'; $POST'posttype' = 'attachment'; // Update the thumbnail filename $newmet...

Automattic: [Simplenote for Windows] Client RCE via External JavaScript Inclusion leveraging Electron

Hi, A carefully crafted injection in the Markdown parser within Simplenote for Windows can be leveraged to achieve remote code execution via an external JavaScript file. The nature of Simplenote's content sharing system, which makes use of tags containing email addresses, means that an adversary...

Multiple Vulnerabilities in LibXL Library Open Door to RCE Attacks

Researchers have identified seven vulnerabilities in the LibXL C library, used to read Excel files. Each of the vulnerabilities are rated 8.8 in severity on the Common Vulnerability Scoring System scale. Attackers could exploit each of the vulnerabilities and perform remote code execution attacks...

Remote Code Execution (RCE)

zetacomponents/mail is vulnerable to remote code execution RCE attacks. The attacks can be launched using a malicious email address for example: -X/path/to/wwwroot/file.php since the application does not restrict the set of characters used in ezcMail returnPath property...

Remote Code Execution (RCE)

brooklyn-utils-common is vulnerable to remote code execution RCE attacks. The library by default allows the unmarshalling of Java types available to that classpath. This allows an attacker to inject and execute arbitrary code by passing a malicious yaml file to the application...

Zeta Components Mail 1.8.1 - Remote Code Execution Vulnerability

Exploit for php platform in category web applications Vendor: Zeta Components module: Mail, returnPath-email”; If attacker assign email address like: 'email protected -X/var/www/html/cache/exploit.php' and inject payload in mail body, sendmail will transfer log-X into...

BlueBorne RCE on Android 6.0.1 (CVE-2017-0781)

A few days ago, the company Armis published a proof of concept PoC of a remote code execution vulnerability in Android via Bluetooth CVE-2017-0781, known as BlueBorne. Although BlueBorne refers to a set of 8 vulnerabilities, this PoC uses only 2 of them to achieve its goal. The exploitation proce...

Adobe Shockwave Player <= 12.2.9.199 Memory Corruption RCE (APSB17-40)

The version of Adobe Shockwave Player installed on the remote host is equal or prior to 12.2.9.199. It is, therefore, affected by an unspecified memory corruption vulnerability that could lead to code execution. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid104628;...

Adobe Photoshop CC Multiple Remote Code Execution Vulnerabilities (APSB17-34) - Windows

Adobe Photoshop CC is prone to multiple remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Polycom Shell HDX Series Traceroute Command Execution

Within Polycom command shell, a command execution flaw exists in lan traceroute, one of the dev commands, which allows for an attacker to execute arbitrary payloads with telnet or openssl. This module requires Metasploit: https://metasploit.com/download Current source:...

CVE-2017-12634

It was found that Apache Camel contains a security vulnerability via camel-castor component. An attacker can utilize this flaw to deserialize a malicious object on the target machine which could lead to Remote Code Execution RCE...

Immunity Canvas: COUCHDB_ROLES

Name| couchdbroles ---|--- CVE| CVE-2017-12635 Exploit Pack| CANVAS Description| Apache CouchDB Authentication Bypass RCE Notes| CVE Name: CVE-2017-12635 VENDOR: http://couchdb.apache.org/ Notes: 12/8/2017 Windows 10 / CouchDB 2.0.0 - Exploit created Ubuntu 14.04 / CouchDB 1.5.0 - Exploit created...

MyBB < 1.8.13 Multiple Vulnerabilities

MyBB is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mybb:mybb"; ifdescription...

Zyxel NBG6716 RCE Vulnerability

Zyxel NBG6716 devices allow command injection in the ozkerz component because beginIndex and endIndex are used directly in a popen call. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right...

D-Link DGS-1500 Ax RCE Vulnerability

D-Link DGS-1500 Ax devices before 2.51B021 are vulnerable to remote code execution RCE. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if...

Rockstar Games: SMB SSRF in emblem editor exposes taketwo domain credentials, may lead to RCE

In this report, the researcher found that by submitting crafted SVG files, he was able to establish a listener on our server that enabled SSRF attacks. This potentially could have been pivoted to carry out more damaging attacks as well. We improved our validation of user-submitted SVG files to...