The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of “dataOffsets[0]” boundary checks. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.
>> ARCHIVE: 2013-08
http://nachumsaeng.go.th notified by Sh4d0w_h4x0r
onehttpd 0.7 – Denial of Service
MinaliC Webserver 2.0.0 – Buffer Overflow (Egghunter)
HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow
Open-FTPD 1.2 Arbitrary File Upload
Here is the original post: http://www.kantharalak.sisaket.police.go.th/Mains/research/
Go here to read the rest: http://www.ksculture.go.th
The Guardian WikiLeaks cables: US 'lobbied Russia on behalf of Visa and MasterCard' The Guardian A state department cable released this afternoon by WikiLeaks reveals that US diplomats intervened to try to amend a draft law going through Russia's duma, or lower house of parliament. Their explicit aim was to ensure the new law did not “disadvantage … and more
Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll. This vulnerability allows for remote code execution.