>> CATEGORY: exploit

TECO SG2 FBD Client version 3.51 suffers from a vulnerability that is caused due to a boundary error in the processing of a Genie FBD, which can be exploited to…

zTree version 3.5.19.1 suffers from a cross site scripting vulnerability.

A number of Windows kernel crashes in the win32k.sys driver exist while processing a specific corrupted TTF font file. This finding documents an overflow with a malformed OS/2 table.

The Cisco FireSIGHT Management Center appliance suffers from a certificate validation vulnerability. FirePWNER exploit included. Versions affected include 5.2.x, 5.3.x, and 5.4.x.

The attached testcase was found by fuzzing DEX files, and results in a heap overflow with a wild memcpy. Note that Kaspersky catch exceptions and continue execution, so running into…

Adobe Reader X and XI for Windows suffer from an out-of-bounds read in CoolType.dll.

On Windows 8.1 Update 32/64 bit, the system call NtApphelpCacheControl (the code is actually in ahcache.sys) allows application compatibility data to be cached for quick reuse when new processes are…

TECO JN5 L510-DriveLink version 1.482 suffers from a vulnerability that is caused due to a boundary error in the processing of a project file, which can be exploited to cause…

TECO AP-PCLINK version 1.094 suffers from a vulnerability that is caused due to a boundary error in the processing of a project file, which can be exploited to cause a…

An independent vulnerability laboratory researcher discovered a file include web vulnerability in the official WordPress LineNity Premium Theme in 2015Q4.