YingZhi Python version 1.9 application for iOS allows for arbitrary file uploads to the root WWW directory and also has a ftp server directory traversal vulnerability that forces no authentication.
>> TAG: #stumbleupon
TIME Assange's stubborn grip hurt WikiLeaks CNN There's something deeply ironic, and sad, about watching WikiLeaks ' founder turn to a country with a terrible record on press freedom to avoid falling into the hands of another government, or governments, if you count the United States as the other …
Defense scores partial victory in WikiLeaks pretrial Radio Netherlands Lawyers for WikiLeaks suspect Bradley Manning scored a partial victory when a judge ruled his defense team should be given access to government documents …
Zero Day Initiative Advisory 12-078 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the way Apple QuickTime handles file with the Sorenson v3 Codec
Zero Day Initiative Advisory 12-076 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple’s QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.