Packet Storm Advisory 2013-0827-1 – Oracle Java ByteComponentRaster.verify()
Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)
The ByteComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of “dataOffsets[]” boundary checks. This vulnerability allows for remote code execution. User interaction is required for this exploit in that the target must visit a malicious page or open a malicious file
Tags: exploit, facebook, ubuntuPacket Storm Exploit 2013-0827-1 – Oracle Java ByteComponentRaster.verify() Memory Corruption
Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)
The ByteComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of “dataOffsets[]” boundary checks. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.
Tags: Apple, exploit, facebook, Vulnerability, xss[webapps] – Foreman (Red Hat OpenStack/Satellite) users/create Mass Assignment
Foreman (Red Hat OpenStack/Satellite) users/create Mass Assignment
Tags: end-end, exploit, function-toggle, Security, webapps[webapps] – Netgear ProSafe – Information Disclosure Vulnerability
Netgear ProSafe – Information Disclosure Vulnerability
Tags: exploit, function-toggle, Security, webapps[webapps] – CBHotel Hotel Software and Booking system 1.8 – Multiple Vulnerabilities
CBHotel Hotel Software and Booking system 1.8 – Multiple Vulnerabilities
Tags: dylan-irzi, exploit, irzi11-pentest, Security, webapps