RealPlayer 16.0.0.282 (.html) Memory Corruption
# Title : RealPlayer 16.0.0.282 (.html) Memory Corruption# Date: 2013-02-8# Softwares Link: http://fr.real.com/realplayer/# phone : +447024073406# Author: The Black Devils# Tested on: Windows XP SP2#...
View ArticleWindows Media Player 9.0.0 Local Proof Of Concept Exploit
# Title : Windows Media Player 9.0.0 Local Proof Of Concept Exploit# Date: 2013-01-12# Software Link: http://windows.microsoft.com/fr-FR/windows/windows-media-player# phone : +447024073406# Author: The...
View Articlenew scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus...
This report describes any new scripts/modules/exploits added to Nmap,OpenVAS, Metasploit, and Nessus since yesterday.== Metasploit modules (1) ==r16438...
View ArticleWordpress Pinboard theme XSS
Henrique Montenegro found an XSS vuln in the free Pinboard1.0.6 theme for Wordpress. This XSS happens in one of the administrationpages so it can only be triggered by authenticated users.Here is the...
View ArticleIRIS Citations Management Tool (post auth) Remote Command Execution
Here is a bug that I finally found time to write about :-)https://infosecabsurdity.wordpress.com/2013/02/09/iris-citations-management-tool-post-auth-remote-command-execution/The attached contains my...
View ArticleRealsec Launches H3P, Data Preparation and Cryptographic Key Management Tool...
Realsec H3P Ensures an Easy Transition to EMV Card Issuance From Magnetic Stripe Card Deployments by Automating the Multiple Steps RequiredREDWOOD CITY, CA--(Marketwire - Feb 11, 2013) - Realsec, a...
View ArticleIP.Gallery 4.2.x and 5.0.x Persistent XSS Vulnerability
# Exploit Title: IP.Gallery 4.2.x and 5.0.x persistent XSS vulnerability# Date: 8/2/2013# Exploit Author: Mohamed Ramadan# Author HomePage: http://www.Attack-Secure.com# Author Twitter :...
View ArticleCDW Report: Work Imitates Life in Cloud Computing Adoption
Study Finds Personal Use of Cloud Influencing Decisions at Work; More Than Half of Organizations Are Migrating or Planning to Move Services to The CloudVERNON HILLS, Ill.--(BUSINESS WIRE)--CDW LLC, a...
View ArticleLancope Unveils Threat Feed to Provide Enhanced Detection for Botnets and...
The StealthWatch Labs Intelligence Center™ (SLIC) Threat Feed draws upon global threat intelligence to reduce enterprise riskATLANTA, Feb. 11, 2013 /PRNewswire/ -- Lancope, Inc., a leader in network...
View ArticleEnymity Provides Most Practical Solution for Anonymous Online Purchasing
RICHMOND, Va., Feb. 11, 2013 /PRNewswire/ -- For those who ask, "How can I make purchases online without broadcasting my personal information?" Enymity has the only viable answer.Using their...
View ArticleFreeFloat FTP 1.0 Raw Commands Buffer Overflow
#Authored by superkojimanimport socket, struct, sysif len(sys.argv) < 3: print "usage: %s IP port" % (sys.argv[0]) sys.exit(0)ip = sys.argv[1]port = int(sys.argv[2])# Bind shellcode generated...
View ArticleM2M Dream Challenged by Alarming Security Concerns - Spurs $198 Million...
LONDON--(BUSINESS WIRE)--The financial golden goose egg of M2M services that has attracted the attention of carriers globally risks being thwarted by the growing security concerns in M2M applications....
View ArticleThreat Outbreak Alert: Fake Money Transfer E-mail Messages
DescriptionCisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain a money transfer notification for the recipient. The text in...
View ArticleThreat Outbreak Alert: Fake Product Sample Request E-mail Messages
DescriptionCisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain product sample request for the recipient. The text in the...
View ArticleThreat Outbreak Alert: Fake Invoice Payment Notification E-mail Messages
DescriptionCisco Security Intelligence Operations has detected significant activity related to spam e-mail messages that claim to contain invoice payment notification for the recipient. The text in the...
View ArticleHuawei Mobile Partner | Permission Weakness Local Privilege Escalation
1. DESCRIPTIONHuawei Mobile Partner application contains a flaw that may allow anattacker to gain access to unauthorized privileges. The issue is dueto the application installing with insecure...
View Articlenew scripts/modules/exploits added to Nmap, OpenVAS, Metasploit, and Nessus
This report describes any new scripts/modules/exploits added to Nmap,OpenVAS, Metasploit, and Nessus since yesterday.== Metasploit modules (2) ==r16439...
View Article[ MDVSA-2013:010 ] java-1.6.0-openjdk
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2013:010http://www.mandriva.com/security/...
View Article[RHSA-2013:0249-01] Important: JBoss Enterprise Application Platform 4.3.0...
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1===================================================================== Red Hat Security AdvisorySynopsis: Important: JBoss...
View Article[RHSA-2013:0248-01] Important: JBoss Enterprise Application Platform 4.3.0...
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA1===================================================================== Red Hat Security AdvisorySynopsis: Important: JBoss...
View Article