This Metasploit module exploits an integer overflow in Adobe Flash Player. The vulnerability occurs in the casi32 method, where an integer overflow occurs if a ByteArray of length 0 is setup as domainMemory for the current application domain. This Metasploit module has been tested successfully on Windows 7 SP1 (32-bit), IE 8 to IE 11 and Flash 15.0.0.167.
ae591f02688cd067f82a826d2565cca8148319265c1fabddf71ee88ff7b5d99bThis Metasploit module exploits a hidden backdoor API in Apple's Admin framework on Mac OS X to escalate privileges to root, dubbed Rootpipe. Tested on Yosemite 10.10.2 and should work on previous versions. The patch for this issue was not backported to older releases. Note: you must run this exploit as an admin user to escalate to root.
6e27a1e1f2bcf759b740ad9887024027c9c87f0045ced259f32d35e3a7522fe1aircrack-ng is a set of tools for auditing wireless networks. It's an enhanced/reborn version of aircrack. It consists of airodump (an 802.11 packet capture program), aireplay (an 802.11 packet injection program), aircrack (static WEP and WPA-PSK cracking), airdecap (decrypts WEP/WPA capture files), and some tools to handle capture files (merge, convert, etc.).
ba5b3eda44254efc5b7c9f776eb756f7cc323ad5d0813c101e92edb483d157e9WordPress Fusion Engage plugin suffers from a local file disclosure vulnerability.
b52c96d8ad5b17a3befc553727ad9791dd2827f50c32f8d7c79b82cbfae79e50Multiple TP-LINK products suffer from a local file disclosure vulnerability.
77dc5766ead42d5a0627853f735788b13644c3d13432f56e13c5ebedd4253fa3WordPress Duplicator plugin versions 0.5.14 and below suffer from cross site request forgery and remote SQL injection vulnerabilities.
f6a51d5df014feb4bd047ab4edcd3143f94f10035313ee7d5c44176c2ffdf44cMagento eCommerce versions 1.9.0 and below are compiled with a vulnerable version of Adobe Flex SDK allowing for same-origin request forgery and cross-site content hijacking.
2abdab09c60b62e14aaa6b4c47c3f0c149c4561cf4f13a7a1514da1b9474cc0aHippo CMS version 7.9.7 Enterprise Edition suffers from a CRLF header injection vulnerability.
2fb4fa85ea66e995db6ab55d0538b5311601d0e89367a86fc0e5f6c567ccbaa7Pimcore CMS version 3.0.5 suffers from a cross site request forgery vulnerability.
5209b22680fd154dc19cf97cff87c1072529cc3d9440119d2a4d450da6fc2e7aNetwork Solutions Webmail suffers from cross site scripting, cross site request forgery, password reset, information disclosure and various other security vulnerabilities.
c559efb26add26a98a7159d6b6b66eef0951644e9d1df44a88ea79ae16873041Red Hat Security Advisory 2015-0797-01 - X.Org is an open source implementation of the X Window System. It provides the basic low-level functionality that full-fledged graphical user interfaces are designed upon. A buffer over-read flaw was found in the way the X.Org server handled XkbGetGeometry requests. A malicious, authorized client could use this flaw to disclose portions of the X.Org server memory, or cause the X.Org server to crash using a specially crafted XkbGetGeometry request. This issue was discovered by Olivier Fourdan of Red Hat.
7ac8b7aced2419a0badae538306c5cb9ccc87d8ef506ce63553f43b2bca66bafRed Hat Security Advisory 2015-0795-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm-rhev package provides the user-space component for running virtual machines using KVM, in environments managed by Red Hat Enterprise Linux OpenStack Platform. It was found that the Cirrus blit region checks were insufficient. A privileged guest user could use this flaw to write outside of VRAM-allocated buffer boundaries in the host's QEMU process address space with attacker-provided data. This issue was discovered by Paolo Bonzini of Red Hat.
41652ca875602c699e7f0b082e9a598e015e900d7caabfca7902669a6050bd49Ubuntu Security Notice 2566-1 - Jann Horn discovered that dpkg incorrectly validated signatures when extracting local source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could bypass signature verification checks.
6cf9f3e41298a6212ac8a4bcd8c602d537ac9410e0524b541502765d10e1b336OrangeHRM versions Opensource 3.2.1 and Professional / Enterprise 4.11 suffer from cross site scripting and remote blind SQL injection vulnerabilities.
1862a0aad68949b5bd076f84585c5eaeef1fd83c5fa15e8a9e8d03c8a737ecf6Simple PHP script that explores WebDAV vulnerable sites that allow arbitrary uploads.
82096e8ddc00f8baec5d02ce1a0576b3e0253c168398a7b80b0b02473a331d36
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed