8 - 2012 - :: Deepquest ::

>> http://www.saolumsai.go.th/blue/loc.htm

USER: deepcore // 2012-08-28 // 0 CMT

http://www.saolumsai.go.th/blue/loc.htm notified by Learnersofcuriosity

>> Java 7 Applet Remote Code Execution

USER: deepcore // 2012-08-28 // 0 CMT

This Metasploit module exploits a vulnerability in Java 7, which allows an attacker to run arbitrary Java code outside the sandbox. The vulnerability seems to be related to the use of the newly introduced ClassFinder#resolveClass in Java 7, which allows the sun.awt.SunToolkit class to be loaded and modified. Please note this flaw is also being exploited in the wild, and there is no patch from Oracle at this point

>> [dos] – Express Burn Plus v4.58 EBP Project File Handling Buffer Overflow PoC

USER: bugmenot // 2012-08-28 // 0 CMT

Express Burn Plus v4.58 EBP Project File Handling Buffer Overflow PoC

>> [webapps] – CommPort 1.01 <= Multiple Vulnerabilities

USER: cabba // 2012-08-28 // 0 CMT

CommPort 1.01

>> [webapps] – RV Shopping Cart CSRF Vulnerability

USER: MasterP // 2012-08-28 // 0 CMT

RV Shopping Cart CSRF Vulnerability

>> [papers] – DNS-Based Phishing Attack in Public Hotspots

USER: paintmylove18 // 2012-08-28 // 0 CMT

DNS-Based Phishing Attack in Public Hotspots

>> [remote] – Simple Web Server 2.2-rc2 ASLR Bypass Exploit

USER: jzting // 2012-08-28 // 0 CMT

Simple Web Server 2.2-rc2 ASLR Bypass Exploit

>> [webapps] – Conceptronic Grab’n’Go and Sitecom Storage Center Password Disclosure

USER: dendawga // 2012-08-28 // 0 CMT

Conceptronic Grab’n’Go and Sitecom Storage Center Password Disclosure

>> http://erawan-loei.go.th/application/

USER: deepcore // 2012-08-27 // 0 CMT

http://erawan-loei.go.th/application/ notified by shnow

>> http://srhospital.go.th

USER: deepcore // 2012-08-27 // 0 CMT

http://srhospital.go.th notified by ŤĤ