Subscribe via feed.
Posts under m$

Packet Storm Advisory 2013-0813-1 – Oracle Java IntegerInterleavedRaster.verify()

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of “dataOffsets[0]” boundary checks. This vulnerability allows for remote code execution

Tags: , , ,

Packet Storm Exploit 2013-0813-1 – Oracle Java IntegerInterleavedRaster.verify() Signed Integer Overflow

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of “dataOffsets[0]” boundary checks. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.

Tags: , ,

[remote] – Open-FTPD 1.2 Arbitrary File Upload

Posted by deepcore under exploit, m$, Security (No Respond)

Open-FTPD 1.2 Arbitrary File Upload

Tags: , ,

[remote] – HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow

Posted by deepcore under exploit, m$, Security (No Respond)

HP StorageWorks P4000 Virtual SAN Appliance Login Buffer Overflow

Tags: , , ,

[remote] – MinaliC Webserver 2.0.0 – Buffer Overflow (Egghunter)

Posted by deepcore under exploit, m$, Security (No Respond)

MinaliC Webserver 2.0.0 – Buffer Overflow (Egghunter)

Tags: , , , ,

[dos] – onehttpd 0.7 – Denial of Service

Posted by deepcore under exploit, m$, Security (No Respond)

onehttpd 0.7 – Denial of Service

Tags: , , ,

WikiLeaks cables: US ‘lobbied Russia on behalf of Visa and MasterCard’ – The Guardian

Posted by deepcore under DDOS, m$, Wikileak (No Respond)

The Guardian WikiLeaks cables: US 'lobbied Russia on behalf of Visa and MasterCard' The Guardian A state department cable released this afternoon by WikiLeaks reveals that US diplomats intervened to try to amend a draft law going through Russia's duma, or lower house of parliament. Their explicit aim was to ensure the new law did not “disadvantage … and more

Tags: , ,

Packet Storm Advisory 0811-1 – Oracle Java storeImageArray()

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll. This vulnerability allows for remote code execution.

Tags: , ,

Oracle Java storeImageArray() Invalid Array Indexing Code Execution

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll.

Tags: , ,

[webapps] – Joomla redSHOP Component 1.2 – SQL Injection

Posted by deepcore under exploit, m$, Security (No Respond)

Joomla redSHOP Component 1.2 – SQL Injection

Tags: , , ,