Subscribe via feed.
Archive for October, 2015

Safari User-Assisted Applescript Exec Attack

Posted by deepcore under Apple (No Respond)

In versions of Mac OS X before 10.11.1, the applescript:// URL scheme is provided, which opens the provided script in the Applescript Editor. Pressing cmd-R in the Editor executes the code without any additional confirmation from the user. By getting the user to press cmd-R in Safari, and by hooking the cmd-key keypress event, a […]

Tags: , ,

[webapps] – Liferay 6.1.0 CE – Privilege Escalation

Posted by deepcore under Security (No Respond)

Liferay 6.1.0 CE – Privilege Escalation

Tags: ,

[webapps] – Joomla Real Estate Manager Component 3.7 – SQL injection

Posted by deepcore under Security (No Respond)

Joomla Real Estate Manager Component 3.7 – SQL injection

Tags: ,

Apple Security Advisory 2015-10-21-1

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2015-10-21-1 – iOS 9.1 is now available and addresses arbitrary code execution, cookies being overwritten, heap based buffer overflow, and various other vulnerabilities.

Tags: , ,

Apple Security Advisory 2015-10-21-2

Posted by deepcore under Apple (No Respond)

Apple Security Advisory 2015-10-21-2 – watchOS 2.0.1 is now available and addresses arbitrary code execution, heap buffer overflow, and various other vulnerabilities.

Tags: , ,

[remote] – Easy File Sharing Web Server 7.2 – Remote SEH Based Overflow

Posted by deepcore under Security (No Respond)

Easy File Sharing Web Server 7.2 – Remote SEH Based Overflow

Tags: ,

[webapps] – Realtyna RPL Joomla Extension 8.9.2 – Multiple SQL Injection Vulnerabilities

Posted by deepcore under Security (No Respond)

Realtyna RPL Joomla Extension 8.9.2 – Multiple SQL Injection Vulnerabilities

Tags: ,

[webapps] – Realtyna RPL Joomla Extension 8.9.2 – Persistent XSS And CSRF Vulnerabilities

Posted by deepcore under Security (No Respond)

Realtyna RPL Joomla Extension 8.9.2 – Persistent XSS And CSRF Vulnerabilities

Tags: ,

[webapps] – Subrion 3.X.X – Multiple Vulnerabilities

Posted by deepcore under Security (No Respond)

Subrion 3.X.X – Multiple Vulnerabilities

Tags: ,

[remote] – The World Browser 3.0 Final – Remote Code Execution

Posted by deepcore under Security (No Respond)

The World Browser 3.0 Final – Remote Code Execution

Tags: ,