nSense Vulnerability Research Security Advisory - The calendar synchronization feature of iOS fails to validate the SSL certificate provided by the server. Therefore, CalDAV communication can be intercepted by a basic man in the middle attack. As every request contains a HTTP basic authentication header, which contains base64-encoded credentials, it is possible to intercept email account credentials by an attacker that is suitably positioned (e.g. the same LAN, WLAN) or is able to tamper with DNS records pointing to the CalDAV server. The application accepts the untrusted certificate without any warning or prompt, so the attack will go unnoticed by the user.
1287538d9d82e32529c0d747e336f8c5ebf4984b6eb88af17ffa07e9b262328d
nSense Vulnerability Research Security Advisory - The coreservice.exe process in Procyon core server versions 1.06 and below contains a remotely exploitable memory corruption flaw which allows for remote code execution. The affected component is coreservice.exe, which listens on port 23, running as SYSTEM. Sending a long string will trigger the overflow.
922acef938ae8deb176229f5e0792d09103f2de6f8e5b7312b17de91b92ff373
nSense Vulnerability Research Security Advisory - The default configuration in Azeotech DAQFactory allows network connections towards the HMI without authentication. This allows an attacker on the network to shut down the machine running the HMI software by sending a simple packet.
8a08b9d43fbf3ae9966c1c2359f63e48b085f95564403cf9d414af76d275d1b5
BugFree version 2.1.3 suffers from multiple cross site scripting vulnerabilities. It suffers from irony as well.
c60ee26015ee452ddc89c1dba200e9cb312be731357aa51904113759519d530c
WordPress GD Star Rating plugin versions 1.9.10 and below suffer from a remote SQL injection vulnerability.
e676ac7843ceea20d50f6897d91a82a819ef6105541789732e869cfb90207f88
Mozilla Firefox Integer Overflow | Mozilla Firefox Array.reduceRight() integer overflow exploit. James Besmertnuk has reported that this vulnerability is still present in Firefox version 9.0.1.
b0d79a9af8ab6b14c5febfcb8aae8db449fcd6cc78eecbb021905dadaa2e2e0e
MyBB MyStatus version 3.1 suffers from a remote SQL injection vulnerability.
39508ce6c71cc6d5af9e49ec8e8ba1384226570a48528dc027b06b126a625e3c
Apple Security Advisory 2011-10-12-6 - Numbers for iOS version 1.5 is now available and addresses multiple arbitrary code execution vulnerabilities.
20c88767fd92fafa245efd1b1fcfe2636e7206dff1dc34b8383101e56e63013a
Apple Security Advisory 2011-10-12-5 - Pages for iOS version 1.5 is now available and addresses an arbitrary code execution vulnerability.
266ef02de7f6041b775e847d47f1381e09f83e7fc41a3cf6e1d001241a8a0efb
Apple Security Advisory 2011-10-12-4 - Safari version 5.1.1 is now available and addresses a directory traversal issue, a policy issue, various arbitrary code execution issues, and 40+ other vulnerabilities.
67fb47bed169689d2b56f0956e295eec800ece4bedcb461b75b4e8685088f651
Apple Security Advisory 2011-10-12-3 - OS X Lion has a security update available that addresses findings in Apache, a format string vulnerability in the Application Firewall, an arbitrary code execution vulnerability when viewing a malicious font via ATS, and 60+ other issues.
4d539896720bca2e48b218929a6c10484c83d72ac4b634adbd7f33f680f59ede
Apple Security Advisory 2011-10-12-2 - An Apple TV software update is now available and addresses credential interception, spoofing, information disclosure, and various other vulnerabilities.
af6991e6da4da4c4159318f8e75e42e744f9f6316d984aa5a8dddf7761727af1
Apple Security Advisory 2011-10-12-1 - An iOS 5 software update is now available. It addresses an SSL check in CalDAV, a script injection issue in Calendar, issues in CFNetwork, and 90+ other security issues.
a8ca21bf61323da2e049fe8c2ba65cc9cae5928af38fbf284248eee54695f428
Core Security Technologies Advisory - Microsoft Publisher is a desktop publishing application from Microsoft that uses a proprietary file format (.pub). A vulnerability has been found in Publisher 2007, that can be leveraged by an attacker to execute arbitrary code by enticing users to insert a specially-crafted .pub file into a document.
7393db4575d55c43a0190c93fc1da01edde0c4413669ca97163f00e3e4952ff0
OWASP is currently soliciting papers for the OWASP AppSec DC 2012 conference that will take place at the Walter E. Washington Convention Center in Washington, DC from April 2nd through the 5th.
ab66aab9fef37a67e514e370047afaf8c3b474b937be37c8c8880a3758f47f45
Destination Search version 4.0 suffers from a direct access administrative console access control bypass vulnerability.
94625c8355bc2fae9c33a3f8254cda7413efe682d31a0d7e0d81ae0c106fbf26
nSense Vulnerability Research Security Advisory - Adobe Flash Media Servers (FMS) versions 3.5.6 and below and 4.0.2 and below suffer from a denial of service vulnerability.
7e626c6eab58c87b89031859246abce098102e446fc040aa85a6e11b9a71fbc7
The IPMI functionality of some Supermicro mainboards comes with two admin accounts by default but the manufacturer only notes that you should change the password for the ADMIN account. However, a second account, Anonymous, exists.
ebfaa994a643bb9852478e388c13bab8563b97143563b75575a02e698e38f9a1
The Pretty Link WordPress plugin version 1.4.56 suffers from multiple cross site scripting vulnerabilities.
b8a6231299f9909e9f36612f11c7930a47c0083f4a5a518e260c1ae33316f76d
The backup function for Supermicro IPMI backs up in a public web location allowing for remote disclosure.
42583bebbace18bd3c381adc7258e99cfb5dc554f8766ed82cd6b9eae89c36ca
Whitepaper called Buffer Overflow Exploitation - SEH.
d4773945a03214e61e08b72d1a503fffdf07e12cac2dba7b7d716c937d990401