[webapps] – Synology DiskStation Manager (DSM) 4.3-3776 – Multiple Vulnerabilities
Apple Security Advisory 2013-09-06-1
Apple Security Advisory 2013-09-06-1 - AirPort Base Station Firmware Update 7.6.4 is now available and addresses a security issue. An associated client may be able to cause an unexpected base station system termination.
Packet Storm Exploit 2013-0827-1 – Oracle Java ByteComponentRaster.verify() Memory Corruption
The ByteComponentRaster.verify() method in Oracle Java versions prior to 7u25 has a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.
FBI Agent Claims Hacking Group Anonymous is on Lockdown
FBI officials are claiming to have all but shut down hacker collective Anonymous because arrests have acted as a deterrent and freaked-out hacktivists don't trust each other.
[remote] – dreamMail e-mail client v4.6.9.2 Stored XSS
[papers] – Win32-Worm:VBS/Jenxcus.A Malware Report
Oracle Java storeImageArray() Invalid Array Indexing Code Execution
Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll.
[webapps] – WordPress Usernoise Plugin 3.7.8 – Persistent XSS Vulnerability