Zero Day Initiative Advisory 12-060 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Oracle Java. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within cmm.dll. While parsing multi-function a to b curve data, the size of an allocation is calculated based on user-supplied data. It is possible to cause an integer wrap on the nTblSize variable. This variable is later used to allocate a heap buffer which will be smaller than necessary, resulting in heap memory corruption. This can lead to remote code execution under the context of the current user.
37cd62456abbc42c2030e81c85fadffe54624cdbcaf059d5fb8101418bfe833d
Zero Day Initiative Advisory 12-059 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists in the parsing of Ogg Vorbis media files. By crafting a stream with specific values, it is possible to cause a decoding loop that copies memory to write controlled data beyond the end of a fixed-size buffer. An attacker can leverage this behavior to gain remote code execution under the context of the current process.
8301227408abf61ea4f87c4aa97eee456073e86bfc0c62d51ee575bd80b3da0f
Zero Day Initiative Advisory 12-058 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw occurs when the application allocates space for decoding a video sample encoded with the .png format. When calculating space for this surface, the application will explicitly trust the bit-depth within the MediaVideo header. During the decoding process, the application will write outside the surface's boundaries. This can be leveraged to achieve code execution under the context of the application.
919e54396b72d0c9306baf9712477f90b15662d107f47fd151cc3e00084425af
Zero Day Initiative Advisory 12-057 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Flash Player handles the update of a NetStream object via the appendBytes method, which can lead to a use-after-free condition when the function returns. This can result in remote code execution under the context of the current process.
f10032eed460124a4fc1a534f5ee945f69ee0a881a07088857826cb6ecded560
Adobe Flash Player versions prior to 10.3.183.16 and 11.x before 11.1.102.63 suffer from an information disclosure vulnerability. This archive has research related to this issue, proof of concept source code, and a swf that demonstrates the issue.
a3e0acb403967ecb2ab50b95e92c7801505af37a7f830f9ad5119219170efa9f
Malware Removal Guide for Windows was written to help remove most malicious software on a Windows operating system.
fbfc296b298953c291b21aa480377671b8d0e49e38dc1dd43c89bc6c51084ac4
CIntruder version 0.1 is an automatic pentesting tool to bypass CAPTCHA.
026ca20799a94b1338bcf11490052923d2758590e721e6a6b88925b65dfe8cca
Zero Day Initiative Advisory 12-056 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of nsSVGValue observers. A certain method call can be made to loop excessively causing an out-of-bounds memory access. By abusing this behavior an attacker can ensure this memory is under control and leverage the situation to achieve remote code execution under the context of the user running the browser.
e23cbda38aef4fa8e327d43e94f029544e7d3574236da08ee39385b384e0cbfe
Secunia Research has discovered two vulnerabilities in RealNetworks Helix Server, which can be exploited by malicious people to cause a denial of service. RealNetworks Helix Server version 14.2.0.212 is affected.
5b1e1fa0cc0eed87f6da68ffae687141005db917dec8e254c0a6d683331a14a7
Secunia Research has discovered a security issue in RealNetworks Helix Server, which can be exploited by malicious, local users to disclose sensitive information. The security issue is caused by the user and administrative credentials being insecurely stored in the flat file database (\Program Files\Real\Helix Server\adm_b_db\users\). This can be exploited by local users to disclose the clear text passwords. RealNetworks Helix Server version 14.2.0.212 is affected.
aca90a6e399548c638f4a6941e59231976b3ab8e08ca00038b88e7f290140d47
Zero Day Initiative Advisory 12-055 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the WebCore component as used by WebKit, specifically within the handling of element properties. When importing a node having a non-attribute property such as an attached event, an object is improperly freed and accessed. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the browser.
d921ddf2635cdab4f6571381dd2e3b6fa6a4467d1396858dff4d080edc7e7e80
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Windows installer.
86958b3047d7959d500a914ed62d8b67c713cf75cec79b67db8f06864d33d481
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Mac OS X release.
370b065d9d57839e4c92ef7044e07775cebbdd9c035a7661037505b2e48065b8
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Linux release.
3bd683f219f1a8e52a26eeb33d928851074609f5b42bca6c635ca3c707167d50
Uploadify Integration version 0.9.6 suffers from multiple reflective cross site scripting vulnerabilities.
2cec663ed8f499e02e5821c830115810999de117f9fed461880943ad28c12e39
This Metasploit module exploits a vulnerability found in Dolibarr ERP/CRM's backup feature. This software is used to manage a company's business information such as contacts, invoices, orders, stocks, agenda, etc. When processing a database backup request, the export.php function does not check the input given to the sql_compat parameter, which allows a remote authenticated attacker to inject system commands into it, and then gain arbitrary code execution.
f473f9176eddcff3e9c592e1ef0bfc7d0a0e762392a39abfb965fb4ca8ee9b22
This Metasploit module exploits a buffer overflow vulnerability in the Isig.isigCtl.1 ActiveX installed with IBM Tivoli Provisioning Manager Express for Software Distribution 4.1.1. The vulnerability is found in the "RunAndUploadFile" method, where the "OtherFields" parameter with user-controlled data is used to build a "Content-Disposition" header and attach contents in an insecure way, which allows a buffer in the stack to be overflowed.
cc74382e2035afca25b92161a9b63460e74741bb7ded9bd96d66e5da0d29eb86
This Metasploit module can be used to execute a payload on LANDesk Lenovo ThinkManagement Suite 9.0.2 and 9.0.3. The payload is uploaded as an ASP script by sending a specially crafted SOAP request to "/landesk/managementsuite/core/core.anonymous/ServerSetup.asmx", via a "RunAMTCommand" operation with the command '-PutUpdateFileCore' as the argument. After execution, the ASP script with the payload is deleted by sending another specially crafted SOAP request to "WSVulnerabilityCore/VulCore.asmx" via a "SetTaskLogByFile" operation.
0f339f9c1af48dbfe9bfacaefebfc2b71162b36ed475e3bea07c0a38fda09f1b
This Metasploit module allows remote attackers to execute arbitrary code by exploiting the Snort service via crafted SMB traffic. The vulnerability is due to a boundary error within the DCE/RPC preprocessor when reassembling SMB Write AndX requests, which may result in a stack-based buffer overflow with a specially crafted packet sent on a network that is monitored by Snort. Vulnerable versions include Snort 2.6.1, 2.7 Beta 1 and SourceFire IDS 4.1, 4.5 and 4.6. Any host on the Snort network may be used as the remote host. The remote host does not need to be running the SMB service for the exploit to be successful.
4831463187a96ae8a63ec6bde91a0cbca65b38578ad54e60da0525ce6c81e52a
Gentoo Linux Security Advisory 201204-1 - Multiple vulnerabilities were found in VirtualBox, allowing local attackers to gain escalated privileges. Versions prior to 4.1.8 are affected.
a21a8c4c6c228dc25cf6d24b58f037d6f50df1b984bea38e90303d952ad7400f
This is a whitepaper called Blind Date With Your Girlfriend. It is a brief tutorial that explains how to use Metasploit to hack a Windows box.
157492120226df24ef2e8aea4490de261f57ae418be5905de19a8dfc3264fd9e