Mac OS X Sudo Password Bypass
This Metasploit module gains a session with root permissions on versions of OS X with sudo binary vulnerable to CVE-2013-1775.
FBI Agent Claims Hacking Group Anonymous is on Lockdown
FBI officials are claiming to have all but shut down hacker collective Anonymous because arrests have acted as a deterrent and freaked out hacktivists donβt trust each other.
[remote] – dreamMail e-mail client v4.6.9.2 Stored XSS
dreamMail e-mail client v4.6.9.2 Stored XSS
[papers] – Win32-Worm:VBS/Jenxcus.A Malware Report
Win32-Worm:VBS/Jenxcus.A Malware Report
Packet Storm Advisory 2013-0819-1 – Oracle Java BytePackedRaster.verify()
The BytePackedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of "dataBitOffset" boundary checks. This vulnerability allows for remote code execution. User interaction is required for this exploit in that the target must visit a malicious page or open a malicious file
Packet Storm Exploit 2013-0819-1 – Oracle Java BytePackedRaster.verify() Signed Integer Overflow
The BytePackedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of "dataBitOffset" boundary checks. This exploit code demonstrates remote code execution by popping calc.exe
Packet Storm Advisory 2013-0813-1 – Oracle Java IntegerInterleavedRaster.verify()
The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of "dataOffsets[0]" boundary checks. This vulnerability allows for remote code execution
Packet Storm Exploit 2013-0813-1 – Oracle Java IntegerInterleavedRaster.verify() Signed Integer Overflow
The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of "dataOffsets[0]" boundary checks. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.
Packet Storm Advisory 0811-1 – Oracle Java storeImageArray()
Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll. This vulnerability allows for remote code execution.
Oracle Java storeImageArray() Invalid Array Indexing Code Execution
Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll.