[webapps] – Axigen Mail Server 8.0.1 Stored XSS
Axigen Mail Server 8.0.1 Stored XSS
[webapps] – Xeams Email Server 4.4 Build 5720 Stored XSS
Xeams Email Server 4.4 Build 5720 Stored XSS
[webapps] – WinWebMail Server 3.8.1.6 Stored XSS
WinWebMail Server 3.8.1.6 Stored XSS
[webapps] – T-dah Webmail Client 3.2.0-2.3 Stored XSS
T-dah Webmail Client 3.2.0-2.3 Stored XSS
Zero Day Initiative Advisory 12-135
Zero Day Initiative Advisory 12-135 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file
Zero Day Initiative Advisory 12-130
Zero Day Initiative Advisory 12-130 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
[papers] – [Hebrew] Digital Whisper Security Magazine #34
[Hebrew] Digital Whisper Security Magazine #34
[webapps] – Dr. Web Control Center 6.00.3.201111300 XSS Vulnerability
Dr. Web Control Center 6.00.3.201111300 XSS Vulnerability
iOS SSL Kill Switch
This is a MobileSubstrate extension to disable certificate validation within NSURLConnection in order to facilitate black-box testing of iOS Apps. Once installed on a jailbroken device, iOS SSL Kill Switch patches NSURLConnection to override and disable the system's default certificate validation as well as any kind of custom certificate validation (such as certificate pinning).