The Apple Quicktime plugin for Windows is vulnerable to a remote buffer overflow vulnerability.
>> TAG: #iphone
Viscosity OpenVPN client for Mac OS X suffers from a local root command execution vulnerability due to a suid binary executing site.py.
Zero Day Initiative Advisory 12-135 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file
This is a MobileSubstrate extension to disable certificate validation within NSURLConnection in order to facilitate black-box testing of iOS Apps. Once installed on a jailbroken device, iOS SSL Kill Switch patches NSURLConnection to override and disable the system’s default certificate validation as well as any kind of custom certificate validation (such as certificate pinning).
WikiLeak suspects treatment 'shocking' NEWS.com.au The US Army soldier accused of handing over a trove of secret documents to the WikiLeaks website was subjected to harsh, “unlawful” conditions for nine months at the brig even though psychiatrists concluded he was not at risk of committing suicide … and more
Gizmodo UK Anonymous Did Something Good? Apparently It Had a Hand In WikiLeak's 'Syria ..
Zero Day Initiative Advisory 12-109 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file
Zero Day Initiative Advisory 12-107 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XML elements within a TeXML file
Zero Day Initiative Advisory 12-105 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
Zero Day Initiative Advisory 12-095 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XML elements within a TeXML file.