Keen Lab Takes Down iPhone 6S, Nexus 6P, at Mobile Pwn2Own

Hackers identified a series of vulnerabilities in Android and iOS to take down a Google Nexus 6P and an Apple iPhone 6S this week at Mobile Pwn2Own. The mobile version of the popular hacking challenge, put on by Trend Micro and Tipping Point’s Zero Day Initiative, was held in tandem with the...

Netflix Users Targeted by Microsoft Silverlight Exploits

Netflix, the world’s largest Internet Video Subscription service with more than 35.7 million customers in U.S alone, that runs on the Microsoft Silverlight platform, has now become a popular target for cybercriminals, as public awareness of Java and Flash flaws is increasing. Silverlight is a...

ZDI-12-153 : Apple QuickTime sean Atom Size Parsing Remote Code Execution Vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ZDI-12-153 : Apple QuickTime sean Atom Size Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-12-153 August 22, 2012 - -- CVE ID: CVE-2012-0670 - -- CVSS: 7.5, AV:N/AC:L/Au:N/C:P/I:P/A:P - -- Affected Vendors:...

ZDI-11-185: Oracle Java ICC Profile 'bfd ' Tag Parsing Remote Code Execution Vulnerability

ZDI-11-185: Oracle Java ICC Profile 'bfd ' Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-185 June 8, 2011 -- CVE ID: CVE-2011-0862 -- CVSS: 9, AV:N/AC:L/Au:N/C:P/I:P/A:C -- Affected Vendors: Oracle -- Affected Products: Oracle Java Runtime --...

LANDesk Management Suite 8.7 - Alert Service Buffer Overflow (Metasploit)

$Id: landeskaolnsrvr.rb 9262 2010-05-09 17:45:00Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...

HP OpenView Network Node Manager (OV NNM) 7.53 - 'ovalarm.exe' CGI Remote Buffer Overflow

!/usr/bin/python HP NNP ovalarm.exe CGI Remote Buffer Overflow - Pre Authentication Tested on XP SP3 + IIS + NNM Release B.07.50 Authors: muts & sinn3r x90.sinner a.t gmail.c0m Reference: http://dvlabs.tippingpoint.com/advisory/TPTI-09-12...

CanSecWest: Caution, community at play

CanSecWest, in beautiful Vancouver BC, is one of my favorite conferences each year. It’s a cozy little security con that brings together security researchers from all parts of the security ecosystem. Like a PhNeutral or a BlueHat, one never quite knows what to expect out of a CanSecWest, but we d...

Trend Micro ServerProtect fails ENG_SetRealTimeScanConfigInfo() stack buffer overflow

Overview Trend Micro ServerProtect contains a stack-based buffer overflow. Description Trend Micro ServerProtect fails to properly handle data passed to the ENGSetRealTimeScanConfigInforoutine possibly allowing a stack-based buffer overflow to occur. This overflow can be triggered by sending a...

IBM Tivoli Storage Manager Server vulnerable to buffer overflow

Overview A buffer overflow condition exists in the IBM Tivoli Storage manager server. If successfully exploited, this vulnerability would allow an attacker to cause a denial-of-service condition or possibly execute arbitrary code. Description The IBM Tivoli Storage Manager TSM is a remote backup...

Microsoft Server Service Mailslot vulnerable to heap overflow

Overview A buffer overflow vulnerability in the Microsoft mailslot server service may allow a remote attacker to execute arbitrary code on a vulnerable system. Description Mailslot A mailslot is a temporary mechanism that can facilitate data transfer between hosts. Mailslots messages are limited ...