11 - 2015 - :: Deepquest ::

>> [dos] – Windows Cursor Object Potential Memory Leak (MS15-115)

USER: deepcore // 2015-11-23 // 0 CMT

Windows Cursor Object Potential Memory Leak (MS15-115)

>> [local] – NVIDIA Stereoscopic 3D Driver Service 7.17.13.5382 – Arbitrary Run Key Creation

USER: deepcore // 2015-11-23 // 0 CMT

NVIDIA Stereoscopic 3D Driver Service 7.17.13.5382 – Arbitrary Run Key Creation

>> [dos] – Windows Race Condition DestroySMWP Use-After-Free (MS15-115)

USER: deepcore // 2015-11-23 // 0 CMT

Windows Race Condition DestroySMWP Use-After-Free (MS15-115)

>> [dos] – Oracle Outside In PDF 8.5.2 – Parsing Memory Corruption Vulnerability 2

USER: deepcore // 2015-11-23 // 0 CMT

Oracle Outside In PDF 8.5.2 – Parsing Memory Corruption Vulnerability 2

>> [dos] – Windows Kernel Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)

USER: deepcore // 2015-11-23 // 0 CMT

Windows Kernel Device Contexts and NtGdiSelectBitmap Use-After-Free (MS15-115)

>> [remote] – Joomla Content History SQLi Remote Code Execution

USER: deepcore // 2015-11-23 // 0 CMT

Joomla Content History SQLi Remote Code Execution

>> [dos] – Audacious 3.7 – ID3 Local Crash PoC

USER: deepcore // 2015-11-23 // 0 CMT

Audacious 3.7 – ID3 Local Crash PoC

>> Traffic CMS 1.4.x Local File Inclusion

USER: deepcore // 2015-11-21 // 0 CMT

Traffic CMS version 1.4.x suffers from a local file inclusion vulnerability.

>> Atlassian Bamboo Java Deserialization Code Execution

USER: deepcore // 2015-11-21 // 0 CMT

Atlassian Bamboo remote code execution exploit that leverages the java deserialization vulnerability as noted in CVE-2015-6576.

>> ZTE ZXHN H108N R1A / ZXV10 W300 Traversal / Disclosure / Authorization

USER: deepcore // 2015-11-21 // 0 CMT

ZTE ZXHN H108N R1A and ZXV10 W300 routers suffer from path traversal, information disclosure, improper authorization, and hard-coded credential vulnerabilities.