Apple Security Advisory 2013-10-15-1 - Multiple vulnerabilities existed in Java 1.6.0_51, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user.
October 10, 2013 · exploit, m$, Security
[webapps] - Imperva SecureSphere Web Application Firewall MX 9.5.6 - Blind SQL Injection
October 2, 2013 · exploit, m$, Security
[dos] - HylaFAX+ 5.2.4 - 5.5.3 - Buffer Overflow
September 22, 2013 · exploit, m$, Security, software
[webapps] - Wordpress Lazy SEO plugin Shell Upload Vulnerability
Apple Security Advisory 2013-09-20-1 - Apple TV 6.0 is now available and addresses 57 different vulnerabilities.
Apple Security Advisory 2013-09-17-1 - OS X Server v2.2.2 is now available and addresses issues in ClamAV, PostgreSQL, and Wiki Server.
Apple Security Advisory 2013-09-12-1 - OS X Mountain Lion v10.8.5 and Security Update 2013-004 are now available and address Apache issues, BIND issues, ClamAV issues, and more.
The Zed Attack Proxy (ZAP) is an easy-to-use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. Read this article: Zed Attack Proxy 2.2.1 Mac OS X Release
The ByteComponentRaster.verify() method in Oracle Java versions prior to 7u25 contains a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program. Read more here: Packet Storm Exploit 2013-0827-1 - Oracle Java ByteComponentRaster.verify() Memory Corruption
August 12, 2013 · exploit, m$, Security
[webapps] - Joomla redSHOP Component 1.2 - SQL Injection