Posted by deepcore under
Apple,
exploit,
facebook,
iphone,
m$,
OSX security tools,
Privacy,
Security,
tools,
twitter,
XSS (
No Respond)
Zero Day Initiative Advisory 12-105 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Tags:
Apple,
exploit,
iphone,
ubuntu
Posted by deepcore under
Apple,
exploit,
facebook,
iphone,
m$,
OSX security tools,
Privacy,
Security,
tools,
twitter,
XSS (
No Respond)
Security Explorations does not agree with Apple’s evaluation of a vulnerability they reported. They have decided to release proof of concept code to demonstrate a bypass vulnerability in Apple QuickTime Java extensions.
Tags:
Apple,
python,
Security
Posted by deepcore under
Apple,
exploit,
facebook,
iphone,
m$,
OSX security tools,
Privacy,
Security,
tools,
twitter,
XSS (
No Respond)
Zero Day Initiative Advisory 12-095 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XML elements within a TeXML file.
Tags:
exploit,
facebook,
iphone,
python,
Security
Posted by deepcore under
Apple,
exploit,
facebook,
iphone,
m$,
OSX security tools,
Privacy,
Security,
software,
tools,
twitter,
XSS (
No Respond)
Apple Security Advisory 2012-06-12-1 – Multiple vulnerabilities exist in Java, the most serious of which may allow an untrusted Java applet to execute arbitrary code outside the Java sandbox. Visiting a web page containing a maliciously crafted untrusted Java applet may lead to arbitrary code execution with the privileges of the current user
Tags:
Apple,
exploit,
iphone,
Security,
Vulnerability
Posted by deepcore under
Apple,
exploit,
facebook,
iphone,
m$,
OSX security tools,
Privacy,
Security,
software,
tools,
twitter,
XSS (
No Respond)
Secunia Security Advisory – Apple has issued an update for Java for Mac OS X.
Tags:
Apple,
iphone,
python,
xss
Posted by deepcore under
Apple,
exploit,
facebook,
iphone,
m$,
OSX security tools,
Privacy,
Security,
software,
tools,
twitter,
XSS (
No Respond)
Secunia Security Advisory – Apple has reported two vulnerabilities in Apple iTunes, which can be exploited by malicious people to compromise a user’s system.
Tags:
exploit,
Security,
xss
Posted by deepcore under
Apple,
exploit,
facebook,
iphone,
m$,
OSX security tools,
Privacy,
Security,
tools,
twitter,
XSS (
No Respond)
Apple Security Advisory 2012-06-11-1 – iTunes 10.6.3 is now available and addresses multiple issues. Importing a maliciously crafted .m3u playlist may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of .m3u playlists. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in WebKit.
Tags:
iphone,
Vulnerability,
xss
Posted by deepcore under
Apple,
exploit,
facebook,
iphone,
m$,
OSX security tools,
Privacy,
Security,
tools,
twitter,
XSS (
No Respond)
Apple iTunes version 10.6.1.7 M3U playlist file walking heap buffer overflow proof of concept exploit. This also affects 10.6.0.40.
Tags:
iphone,
Security,
tools,
ubuntu
This is a (fast) multi-threaded python tool for enumerating subdomains. This tool also contains a large list of real subdomains that you will find in the wild. By default this tool does subdomain enumeration about 8 times faster than Fierce, and can chew through 31k lookups in about 5 minutes on a home cable connection.
Webapp-Exploit-Payloads is a collection of payloads for common webapps. For example Joomla and WordPress. From the hundreds of different Web Application Vulnerabilities that can be found on any website, only a smallpercentage gives the intruder a direct way for executing operating system commands. And if we keepdigging into that group we‟ll identify only one or two […]