This Metasploit module gains remote code execution on Firefox 35-36 by abusing a privilege escalation bug in resource:// URIs. PDF.js is used to exploit the bug. This exploit requires the user to click anywhere on the page to trigger the vulnerability.
c7380b4bd424349eceddb0191b851de4ff91a0a5afb8b3430ceffce5b834c992Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
5d449b6f6c55b74d06b56b7435bc79236d2b0002e905211fd0c11d6d20b34d8cThis bulletin summary lists one bulletin that has undergone a major revision increment for August, 2015.
dfd23be0dbefb8bb95dc5db6d5e39fb6fdd92d9ec2d58405d0f63d5abafff45fLogstash 1.5.3 and prior versions are vulnerable to a SSL/TLS security issue which allows an attacker to successfully implement a man in the middle attack. This vulnerability is not present in the initial installation of Logstash. This insecurity is exposed when users configure Lumberjack output to connect two Logstash instances. In such deployments, a Logstash instance is used to collect logs from a webserver and securely transmit them to a central Logstash instance to perform additional filtering and storing.
8d94729ca78c886be74f1b17d603715f06729caa799a8b733cda4e486099eb9aApple Security Advisory 2015-08-20-1 - QuickTime 7.7.8 is now available and addresses arbitrary code execution and memory corruption issues.
31a4deb805a319fca7f77360e22ab19856e37387604603add15c19efbeaf3e5cWordPress Googmonify plugin version 0.8.1 suffers from cross site request forgery and cross site scripting vulnerabilities.
06c403fcedb1a7fd5d3e040288ea006db2072b20c5136ce9aea6ead2c5f43109VLC versions 2.2.1 and below suffer from an arbitrary pointer dereference vulnerability.
5729beee45859fa6c90c4ec59513f7ad8f788728b656de7ca5a61d5fed77f09cUbiquiti Networks Community online service web application allows for malicious script code to be inserted in the filename.
002d12b4f423b45de91babce8e586c124de4cd418c0f8a59c5ba722de1cf4597Input passed to the 'file_name' parameter in 'get2post.php' script is not properly sanitised before being used to get the contents of a resource and delete files. This can be exploited to read and delete arbitrary data from local resources with the permissions of the web server using a proxy tool.
b34289732116b4bcb2f1cc6baf7009b19a2cf9b4141f05c2872a8413c0e3056eup.time suffers from a privilege escalation issue. A normal user can elevate his/her privileges by sending a POST request setting the parameter 'userroleid' to 1. Cross site request forgery can be used to exploit this attack.
7d8991bd1c8571696c4d5bc0528881855899add84755aee81553925cb1fb5cd5up.time suffers from arbitrary command execution. Attackers can exploit this issue using the monitor service feature and adding a command with respected arguments to given binary for execution. In combination with the CSRF, privilege escalation, arbitrary text file creation, and renaming that file to php you can execute system commands with SYSTEM privileges.
949580b449c0517f641c161c6b8c3484aee9aca17ee184db120e309739d67e3fup.time version 7.5.0 allows users to perform certain actions via HTTP requests without performing any validity checks to verify the requests. This can be exploited to perform certain actions with administrative privileges if a logged-in user visits a malicious web site. Multiple cross site scripting vulnerabilities were also discovered. The issue is triggered when input passed via the multiple parameters is not properly sanitized before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
90f994cc5cd98108a1348a7bdc9bb5646926787ce5ab51d82604ccd07d720675When receiving XML encoded AMF messages containing DTD entities, the default XML parser configurations allows expanding of entities to local resources. A request that included a specially crafted request parameter could be used to access content that would otherwise be protected.
69d5afa3639558f66a8f98807a33cbb05547e69350539f5291a75ad6c03267b4SiteFactory CMS version 5.5.9 suffers from a directory traversal vulnerability.
e4ab1c3da31d5df71707d83aff72277e904feb00d2b2303509770774c51338d3EMC Documentum D2 contains fail open vulnerability that could be exploited by malicious users to compromise D2. Versions 4.2 and below are affected.
899364e37cd67e01c0b2c948e748dbe613d041f7c0075d1ef3d101ee28ab4074Microsoft HTA (HTML Application) suffers from a remote code execution vulnerability.
bbdb1ff7a0240544683ac43328710d675b6ca6730cc5f656f38cbceae8da9dd3Vifi Radio version 1 suffers from a cross site request forgery vulnerability. Exploit to add administrator included.
11d68726482c4931dd8bc7f9412e5b40a7a7002254633c42a4116b2ca2be56fbVifi Radio version 1 suffers from a cross site request forgery vulnerability. Exploit to upload a shell included.
6e4d34f2dea11cbb4c459268cca16e9324f4452dfcc3d0ee46d37ee3d7f0c2d1PDF Shaper version 3.5 suffers from a buffer overflow vulnerability.
1a862bd6f348439cf319bf9e523b76685ab407b894d14f0f8869b6561ddf0418WebSolutions India Design CMS suffers from a remote SQL injection vulnerability.
c061545b9e430bd03eedcdc7c87c3bb0051c3de84e39af7ff0c47318939c2ae9Multiple ChiefPDF software such as PDF to Image Converter and PDF to Tiff Converter suffer from a buffer overflow vulnerability.
ffed99b419802af6605e6b28fb1865cc96f61850767f2496d2612b3364bc82e0Ubiquiti Networks suffers from a cross site scripting vulnerability.
a50cae4abbdd6321e36ece3542888a733c6cff6b46e247e0ef2451a3ed1e3697This paper discusses an overflow in the DOUBLE data type in MySQL.
994da41348fedec81430a33635725f5ef5bf21eaded32a286053dfd2938cf982HPE Security Bulletin HPSBUX03410 SSRT102175 1 - A potential security vulnerability has been identified with HP-UX running BIND. This vulnerability could be exploited remotely to create a Denial of Service (DoS). Revision 1 of this advisory.
285ee505b9669d1854cd08aeb5674d644bd0b538eff60181220efd7a9afa9157HPE Security Bulletin HPSBUX03369 SSRT102037 1 - A potential security vulnerability have been identified with HP-UX programs using the execve(2) system call. The vulnerability could be exploited locally to create an elevation of privilege. Revision 1 of this advisory.
555885bcc1ea1c4a4d6346039a6eac29109d2b40f6dbde463fffaafc40a61744
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed