2016 January

Classic Infomedia (Login) – Auth Bypass Web Vulnerability

Posted by deepcore under exploit (No Respond)

An independent vulnerability laboratory research group discovered an auth bypass (pre-auth) web vulnerability in the official Classic Infomedia (Login) CMS (2016-Q1).

[local] – Windows – Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux 2 (MS16-008)

Posted by deepcore under Security (No Respond)

Windows – Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux 2 (MS16-008)

Tags: 0day, remote exploit

[dos] – Linux Kernel – prima WLAN Driver Heap Overflow

Posted by deepcore under Security (No Respond)

Linux Kernel – prima WLAN Driver Heap Overflow

Tags: 0day, remote exploit

[dos] – FreeBSD SCTP ICMPv6 Error Processing Vulnerability

Posted by deepcore under Security (No Respond)

FreeBSD SCTP ICMPv6 Error Processing Vulnerability

Tags: 0day, remote exploit

Microsoft Windows Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux 1

Posted by deepcore under exploit (No Respond)

The fix for CVE-2015-2553 can be bypassed to get limited mount reparse points working again for sandbox attacks.

Microsoft Windows Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux 2

Posted by deepcore under exploit (No Respond)

The fix for CVE-2015-2553 can be bypassed to get limited mount reparse points working again for sandbox attacks by abusing anonymous token impersonation.

Kleefa v1.7 (IR) – Multiple Web Vulnerabilities

Posted by deepcore under exploit (No Respond)

An independent vulnerability laboratory research group discovered multiple vulnerabilities in the official Kleefa v1.7 content management system.

118 Telecom Cross Site Scripting

Posted by deepcore under exploit (No Respond)

118 Telecom’s website suffers from a cross site scripting vulnerability.

GRR 3.0.0-RC1 Remote Code Execution / File Upload

Posted by deepcore under exploit (No Respond)

GRR versions 3.0.0-RC1 and below suffer from a remote code execution vulnerability with privilege escalation through a file upload filter bypass.

Java Platform SE 6 U24 HtmlConverter.exe Buffer Overflow

Posted by deepcore under exploit (No Respond)

Java Platform SE 6 U24 HtmlConverter.exe version 6.0.240.50 suffers from a buffer overflow vulnerability.

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Classic Infomedia (Login) – Auth Bypass Web Vulnerability

[local] – Windows – Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux 2 (MS16-008)

[dos] – Linux Kernel – prima WLAN Driver Heap Overflow

[dos] – FreeBSD SCTP ICMPv6 Error Processing Vulnerability

Microsoft Windows Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux 1

Microsoft Windows Sandboxed Mount Reparse Point Creation Mitigation Bypass Redux 2

Kleefa v1.7 (IR) – Multiple Web Vulnerabilities

118 Telecom Cross Site Scripting

GRR 3.0.0-RC1 Remote Code Execution / File Upload

Java Platform SE 6 U24 HtmlConverter.exe Buffer Overflow

Tabs Switcher

Categories

Archives

Meta

BLOGROLL

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Share this:

Tabs Switcher

Categories

Archives

Meta

BLOGROLL