Apple Security Advisory 2012-11-29-1
Apple Security Advisory 2012-11-29-1 - Apple TV 5.1.1 is now available and addresses information disclosure and code execution vulnerabilities.
Apple QuickTime 7.7.2 MIME Type Buffer Overflow
This Metasploit module exploits a buffer overflow in Apple QuickTime 7.7.2. The stack based overflow occurs when processing a malformed Content-Type header. The module has been tested successfully on Safari 5.1.7 and 5.0.7 on Windows XP SP3.
[webapps] – Oracle OpenSSO 8.0 Multiple XSS POST Injection Vulnerabilities
Oracle OpenSSO 8.0 Multiple XSS POST Injection Vulnerabilities
Apple WGT Dictionnaire 1.3 Script Code Injection
Apple WGT Dictionnaire version 1.3 suffers from a script code injection vulnerability.
Apple QuickTime 7.7.2 TeXML Style Element font-table Field Stack Buffer Overflow
This Metasploit module exploits a vulnerability found in Apple QuickTime.
Twitter 5.0 Eavesdropping Proof Of Concept
The Twitter 5.0 application for iPhone grabs images over HTTP and due to this, allows for a man in the middle attack / image swap. Proof of concept included.
Apple QuickTime 7.7.2 Buffer Overflow
Apple QuickTime versions 7.7.2 and below suffer from a buffer overflow vulnerability in the handling of TGA files.
Zero Day Initiative Advisory 12-185
Zero Day Initiative Advisory 12-185 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Mac OSX. Authentication is not required to exploit this vulnerability.