CVE-2014-7911
In Android <5.0, java.io.ObjectInputStream did not check whether the Object that is being deserialized is actually serializable. That issue was fixed in Android 5.0 with this...
RSS Reveals Malware Injections
There are multiple different ways to detect invisible malware on a website: You can scrutinize the HTML code of web pages. Use external scanners like SiteCheck or UnmaskParasites. Get alerts from...
CVE-2014-2382 - Arbitrary Code Execution In Faronics Deep Freeze Standard and...
Vulnerability title: Arbitrary Code Execution In Faronics Deep Freeze Standard and Enterprise
CVE: CVE-2014-2382
Vendor: Faronics
Product: Deep Freeze Standard and Enterprise
Affected version: Before and...
CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload
1. Background
tcpdump is a powerful command-line packet analyzer. It allows the user to intercept and display TCP/IP and other packets...
CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR...
1. Background
tcpdump is a powerful command-line packet analyzer. It allows the user to intercept and display TCP/IP...
POWELIKS Levels Up With New Autostart Mechanism
Last August, we wrote about POWELIKS’s malware routines that are known for hiding its malicious codes in the registry entry as part of its evasion tactics. In the newer samples we spotted, malware...
CVE-2014-1767 Afd.sys double-free vulnerability Analysis and Exploit
First, I would like to present the reasons why I focus on this vulnerability, (1) This afd.sys dangling pointer vulnerability was named as the best privilege escalation vulnerability in pwnie awards...
CVE-2014-8600 - Insufficient Input Validation By IO Slaves In KDE e.V. KDE
Vulnerability title: Insufficient Input Validation By IO Slaves In KDE e.V. KDE
CVE: CVE-2014-8600
Vendor: KDE e.V.
Product: KDE
Affected version: kwebkitpart <= 1.3.4, kde-runtime <= 4.14.3,...
CVE-2014-2630 - SetUID/SetGID Programs Allow Privilege Escalation Via...
Vulnerability title: SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in Compaq/Hewlett Packard Glance for Linux
CVE: CVE-2014-2630
Vendor: Compaq/Hewlett Packard
Product: Glance for...
VMware: "It's not a vulnerability, mmkkkayyy"
During a recent review of the VMWare Workstation application, I discovered a method that allows any member of the __vmware__ group to extract arbitrary sections of kernel memory. When you consider the...
CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM
Vulnerability title: Multiple SQL Injections in Dolibarr ERP & CRM
CVE: CVE-2014-7137
Vendor: Dolibarr ERP & CRM
Product: Dolibarr ERP & CRM
Affected version: 3.5.3
Fixed version: 3.6.1
Reported...
How MS14-066 (CVE-2014-6321) is More Serious Than First Thought
If you've been in a coma for the past week, MS14-066 (CVE-2014-6321) is a TLS heap overflow vulnerability in Microsoft's schannel.dll, which can result in denial of service and even remote code...
ROVNIX Infects Systems with Password-Protected Macros
We recently found that the malware family ROVNIX is capable of being distributed via macro downloader. This malware technique was previously seen in the DRIDEX malware, which was notable for using the...
A Peek Inside a PoS Scammer’s Toolbox
PoS malware has been receiving a tremendous amount of attention in the past two years with high profile incidents like Target, Home Depot, and Kmart. With the massive “Black Friday” shopping season...
Use After Free Exploits for Humans Part 1 – Exploiting MS13-080 on IE8 winxpsp3
A use after free bug is when an application uses memory (usually on the heap) after it has been freed. In various scenarios, attackers can influence the values in that memory, and code at a later point...
CVE-2014-8440 (Flash up to 15.0.0.189) and Exploit Kits
Once again that's fast. Nine days (or less?) after patch. More here: http://malware.dontneedcoffee.com/2014/11/cve-2014-8440.html
[DeepSec 2014] A Myth or Reality – BIOS-based Hypervisor Threat
Myths and Reality often interest and interchange… this is how life works. A myth about a Malicious Hypervisor (Russian Ghost) appeared on Russian Hacker’ website at the end of 2011. It has all myth’s...
WordPress 3 persistent script injection
OVERVIEW
========
A security flaw in WordPress 3 allows injection of JavaScript into certain text fields. In particular, the problem affects comment boxes on WordPress posts and pages. These don't require...
Security Advisory – High severity – WP-Statistics WordPress Plugin
If you’re using the WP-Statistics WordPress plugin on your website, now is the time to update. While doing a routine audit for our Website Firewall product, we discovered a few vulnerabilities in the...
Beginners error: "Google update" runs rogue programs %USERPROFILE%\Local.exe,...
Hi @ll,
Google update, which is installed together with Google Chrome and other Google products, resp. the Chrome updater run the rogue programs "%USERPROFILE%\Local.exe", "%USERPROFILE%\Local...