[webapps] – Sitecom N300/N600 Devices – Multiple Vulnerabilities
Sitecom N300/N600 Devices - Multiple Vulnerabilities
[webapps] – Adobe ColdFusion 9 Administrative Login Bypass
Adobe ColdFusion 9 Administrative Login Bypass
[remote] – Oracle Java BytePackedRaster.verify() Signed Integer Overflow
Oracle Java BytePackedRaster.verify() Signed Integer Overflow
[webapps] – Samsung DVR Firmware 1.10 – Authentication Bypass
Samsung DVR Firmware 1.10 - Authentication Bypass
[remote] – Graphite Web Unsafe Pickle Handling
Graphite Web Unsafe Pickle Handling
[webapps] – Bitbot C2 Panel gate2.php – Multiple Vulnerabilities
Bitbot C2 Panel gate2.php - Multiple Vulnerabilities
[papers] – Win32-Worm:VBS/Jenxcus.A Malware Report
Win32-Worm:VBS/Jenxcus.A Malware Report
[remote] – freeFTPd 1.0.10 (PASS Command) – SEH Buffer Overflow
freeFTPd 1.0.10 (PASS Command) - SEH Buffer Overflow
Packet Storm Advisory 2013-0819-1 – Oracle Java BytePackedRaster.verify()
The BytePackedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of "dataBitOffset" boundary checks. This vulnerability allows for remote code execution. User interaction is required for this exploit in that the target must visit a malicious page or open a malicious file
Packet Storm Exploit 2013-0819-1 – Oracle Java BytePackedRaster.verify() Signed Integer Overflow
The BytePackedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of "dataBitOffset" boundary checks. This exploit code demonstrates remote code execution by popping calc.exe