Nibbleblog contains a flaw that allows an authenticated remote attacker to execute arbitrary PHP code. This Metasploit module was tested on version 4.0.3.
242036a885cccb63f5c9c28d79b7d7806419522622349b78f0a9c6bab6968a41Gentoo Linux Security Advisory 201510-1 - A vulnerability in BIND could lead to a Denial of Service condition. Versions less than 9.10.2_p4 are affected.
3e69b06ce087bc759fa9828ea0b0cf459d7968e9aa04df031352b20c2a562035Red Hat Security Advisory 2015-1913-01 - The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes three vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin APSB15-27 listed in the References section, could allow an attacker to create a specially crafted SWF file that would cause flash-plugin to crash, execute arbitrary code, or disclose sensitive information when the victim loaded a page containing the malicious SWF content.
c2c809858c61a7764fa510acc5422f080b18ca60e979f1d8e9cd47666ca3ff13Red Hat Security Advisory 2015-1908-01 - Red Hat JBoss Enterprise Application Platform 6 is a platform for Java applications based on JBoss Application Server 7. It was discovered that sending requests containing large headers to the Web Console produced a Java OutOfMemoryError in the HTTP management interface. An attacker could use this flaw to cause a denial of service. It was discovered that the EAP Management Console could be opened in an IFRAME, which made it possible to intercept and manipulate requests. An attacker could use this flaw to trick a user into performing arbitrary actions in the Console.
c44927f86da770a4d9e1517bb9ee548d5e371862766c0daf3935aff11a71d79eCarolinaCon is now accepting speaker/paper/demo submissions for its 12th annual conference. This event will be held March 4th through the 6th, 2016 in Raleigh, NC, USA.
283563a25095eda0df71b00d98f65b10ef3e5302fa616d48434259cb2504b33dKaboozu CMS suffers from a remote shell upload vulnerability.
921cf556d06fbd1fafb21a2ca7e9bd50488762ff34afb615de39cc8e5c781207Qualys discovered various vulnerabilities in LibreSSL. These include a memory leak and a buffer overflow.
b0de9f18c202a6ac93d7fb4c44048d40aa246b6dbb04fa3756ef345d6a3bb3efIn SAP NetWeaver AS JAVA, it is possible to call some of the DAS files without authorization because they do not check if a user is authorized to access some of the JSPs.
17e930af4bcb201a5b3c49123d1dd0c39290d43e9d66e4289fe5cec29479a0e8If IExternalizable.writeExternal is overridden with a value that is not a function, Flash assumes it is a function even though it is not one. This leads to execution of a 'method' outside of the ActionScript object's ActionScript vtable, leading to memory corruption.
c2857430db2e3817f2560860b2cb61ba6870519540ac7fa7ad196cee951f2afa
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed