10 - 2019 - :: Deepquest ::

>> [dos] Windows Kernel – win32k.sys TTF Font Processing Pool Corruption in win32k!ulClearTypeFilter

USER: deepcore // 2019-10-10 // 0 CMT

Windows Kernel – win32k.sys TTF Font Processing Pool Corruption in win32k!ulClearTypeFilter

>> [local] ASX to MP3 converter 3.1.3.7 – '.asx' Local Stack Overflow (Metasploit, DEP Bypass)

USER: deepcore // 2019-10-10 // 0 CMT

ASX to MP3 converter 3.1.3.7 – ‘.asx’ Local Stack Overflow (Metasploit, DEP Bypass)

>> http://www.chaophaka.go.th/activity/images/

USER: deepcore // 2019-10-09 // 0 CMT

http://www.chaophaka.go.th/activity/images/ notified by Umam1337

>> http://www.huayyaijiw.go.th/activity/images/

USER: deepcore // 2019-10-09 // 0 CMT

http://www.huayyaijiw.go.th/activity/images/ notified by Umam1337

>> http://kampang.go.th/activity/images/

USER: deepcore // 2019-10-09 // 0 CMT

http://kampang.go.th/activity/images/ notified by Umam1337

>> http://www.wangthongnb.go.th/activity/images/

USER: deepcore // 2019-10-09 // 0 CMT

http://www.wangthongnb.go.th/activity/images/ notified by Umam1337

>> RENPHO 3.0.0 Information Disclosure

USER: deepcore // 2019-10-09 // 0 CMT

RENPHO version 3.0.0 fails to encrypt in transit and due to this can disclose sensitive information and allow for man-in-the-middle attacks.

>> Socomec DIRIS A-40 Password Disclosure

USER: deepcore // 2019-10-09 // 0 CMT

Socomec DIRIS A-40 devices versions before 48250501 allow a remote attacker to get full access to a device via the /password.jsn URI.

>> WebKit FrameLoader::clear Same-Origin Policy Bypass

USER: deepcore // 2019-10-09 // 0 CMT

WebKit suffers from a same-origin policy bypass vulnerability in FrameLoader::clear.

>> File Sharing Wizard 1.5.0 POST SEH Overflow

USER: deepcore // 2019-10-09 // 0 CMT

This Metasploit module exploits an unauthenticated HTTP POST SEH-based buffer overflow in File Sharing Wizard version 1.5.0.