This Metasploit module gains a session with root permissions on versions of OS X with sudo binary vulnerable to CVE-2013-1775.
>> CATEGORY: XSS
FBI officials are claiming to have all but shut down hacker collective Anonymous because arrests have acted as a deterrent and freaked out hacktivists don’t trust each other.
dreamMail e-mail client v4.6.9.2 Stored XSS
Win32-Worm:VBS/Jenxcus.A Malware Report
The BytePackedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of “dataBitOffset” boundary checks. This vulnerability allows for remote code execution. User interaction is required for this exploit in that the target must visit a malicious page or open a malicious file
The BytePackedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of “dataBitOffset” boundary checks. This exploit code demonstrates remote code execution by popping calc.exe
The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of “dataOffsets[0]” boundary checks. This vulnerability allows for remote code execution
The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of “dataOffsets[0]” boundary checks. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.
Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll. This vulnerability allows for remote code execution.
Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll.