CAREL pCOWeb firmware versions 1.5.0 and lower have two passwordless default accounts that allow direct shell access via telnet. These accounts are not exposed in the associated Web UI. CAREL pCOWeb is an embedded device used primarily for HVAC systems.
82b0a4cd0a0bf41d1802335815e91ba3801340fe8352516154ac02cad97445f8
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by an object confusion error in the IE broker process when processing unexpected variant objects, which could allow an attacker to execute arbitrary code within the context of the broker process and bypass the Internet Explorer Protected Mode sandbox.
29cb1429a2a37f3d946b4ea603d9780f63a083ee715c7fb7c04574f48f13cb5f
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by an integer overflow error in the "vml.dll" component when processing certain undocumented vector graphic properties, which could be exploited by remote attackers to leak arbitrary memory and compromise a vulnerable system via a malicious web page.
1cc53c7aa3e2dd5a6aeb2b6dce696e0d93ccd616548beed17512a42068a61e21
This Metasploit module exploits a stack buffer overflow in versions 1.3.9 to 1.4.0 of nginx. The exploit first triggers an integer overflow in ngx_http_parse_chunked() by supplying an overly long hex value as the chunked block size. This value is later used to determine the number of bytes to read into a stack buffer, which makes the overflow possible.
5caa8725f0b0e52002e2804749d851584f474a1d0b411c2a827865afd2da031c
This Metasploit module exploits a vulnerability in the Adobe Reader X sandbox. The vulnerability is due to a sandbox rule that allows a Low Integrity AcroRd32.exe process to write registry values, which can be used to trigger a buffer overflow in the AdobeCollabSync component and achieve Medium Integrity Level privileges from a Low Integrity AcroRd32.exe process. This Metasploit module has been tested successfully on Adobe Reader X 10.1.4 on Windows 7 SP1.
362b070d8c1cff7e3047e6ccc9833c6d39410fbd8d44ca7e08e17d15068ff919
Weyal CMS suffers from a remote SQL injection vulnerability. Note that this finding has site-specific information.
83692401cd0bb507fa938e88a9e9e351a2a29d0810f21072c7eef4a2e38bdc33
This whitepaper, titled "Dissecting Blackberry 10 - An Initial Analysis", discusses the specifics of the Blackberry 10 operating system, fuzzers, dumping the boot sector, and other topics.
70558b3c822ba1031b30db6cf2441cda58de528f629f8695f4dd323ea389bd4f
This paper is an introduction to the world of fuzzing by exploring the Sulley Fuzzing Framework.
9482ad49dcf1e85c63ff69f49d2c96af0e9d27589c49349ac1b0a36cd553b59f
Debian Linux Security Advisory 2672-1 - Adam Nowacki discovered that the new FreeBSD NFS implementation processes a crafted READDIR request that instructs the file system to operate on a file node as if it were a directory node, leading to a kernel crash or potentially arbitrary code execution.
8eabdee56b79c7299333824f4fec68170872a9111bb52fc743a14016b0ae8d10
Debian Linux Security Advisory 2671-1 - Multiple vulnerabilities have been discovered in Request Tracker, an extensible trouble-ticket tracking system.
a15801f1f427ccdf5621990cf1365caea5f3c00050791ada3fbad17e9c6b11a5
Red Hat Security Advisory 2013-0856-01 - Red Hat Certificate System is an enterprise software system designed to manage enterprise Public Key Infrastructure deployments. The Token Processing System is a PKI subsystem that acts as a Registration Authority for authenticating and processing enrollment requests, PIN reset requests, and formatting requests from the Enterprise Security Client. A format string flaw was found in the TPS subsystem. An authenticated Certificate System user could use this flaw to crash the Apache HTTP Server child process, possibly interrupting the processing of other users' requests, or possibly execute arbitrary code with pkiuser privileges.
42e949de483c7b1d285ed5c316c1bbf29566000c29b510ac9396eeab9c73dc36
Red Hat Security Advisory 2013-0855-01 - IBM J2SE version 5.0 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes several vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.
55b5630a6727041a01e8302b074f62792ba7c281270fae1f1d9c4e202e41041c