This Metasploit module exploits a buffer overflow on Adobe Flash Player when handling nellymoser encoded audio inside a FLV video, as exploited in the wild on June 2015. This Metasploit module has been tested successfully on: Windows 7 SP1 (32-bit), IE11 and Adobe Flash 18.0.0.160, Windows 7 SP1 (32-bit), Firefox 38.0.5 and Adobe Flash 18.0.0.160, Windows 8.1, Firefox 38.0.5 and Adobe Flash 18.0.0.160, Linux Mint "Rebecca" (32 bits), Firefox 33.0 and Adobe Flash 11.2.202.466, and Ubuntu 14.04.2 LTS, Firefox 35.01, and Adobe Flash 11.2.202.466. Note that this exploit is effective against both CVE-2015-3113 and the earlier CVE-2015-3043, since CVE-2015-3113 is effectively a regression to the same root cause as CVE-2015-3043.
df6c07c8c61e9ddc1ee258859a800c72ade8287343881e5bac8140e590346c42Red Hat Security Advisory 2015-1207-01 - Mozilla Firefox is an open source web browser. XULRunner provides the XUL Runtime environment for Mozilla Firefox. Several flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges of the user running Firefox.
98590f698903ca4074a96b334aca1bcb4c4cd6916a86e1c1bad01d3d45b16892Soreco AG Xpert.Line version 3.0 suffers from an authentication bypass vulnerability.
c98fbb06cb49a8e133fd3cb5a59e1e2551ec4c78f54e19c3194dc575980376f0BlackCat CMS version 1.1.1 suffers from a path traversal vulnerability.
eb9f1e40548399becf1773ae639850fb9aa7f0181124f0e7f395dcc0f08cb347Snorby version 2.6.2 suffers from a cross site scripting vulnerability.
94c15120b89c9cb6d9e68b41fcad99033963277c4065ef72edc9c41bc5c24e6dipTIME n104r3 suffers from cross site request forgery and cross site scripting vulnerabilities.
988ca878ce6179d51150c2f47fb8f400ba022e083a41c70fc0745929e4016338This write up discusses the dangers around the OLE packager used to embed any file into Office documents.
5509a7219c971da3da4845092734860348e1252d37f58e83a5749a69db947031WordPress easy2map plugin version 1.24 suffers from a remote SQL injection vulnerability.
48a41fd75aa960d400a8fb8ea6ba5a2adfeb0a2999b947c6d7d8e9b1c2fa7eacDebian Linux Security Advisory 3298-1 - It was discovered that the Jackrabbit WebDAV bundle was susceptible to a XXE/XEE attack. When processing a WebDAV request body containing XML, the XML parser could be instructed to read content from network resources accessible to the host, identified by URI schemes such as "http(s)" or "file". Depending on the WebDAV request, this could not only be used to trigger internal network requests, but might also be used to insert said content into the request, potentially exposing it to the attacker and others.
d091fdea4958a8151a20ee1e53c260ff67a24262ac3e41f169fd462922e71fafRed Hat Security Advisory 2015-1206-01 - OpenStack Block Storage manages block storage mounting and the presentation of such mounted block storage to instances. The backend physical storage can consist of local disks, or Fiber Channel, iSCSI, and NFS mounts attached to Compute nodes. In addition, Block Storage supports volume backups, and snapshots for temporary save and restore operations. Programatic management is available via Block Storage’s API. A flaw was found in the cinder upload-to-image functionality. When processing a malicious qcow2 header cinder could be tricked into reading an arbitrary file from the cinder host.
434113d243ca518c4c62bc64eeb6317611b214e1380deb5a81660dfa91d55655
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed