Subscribe via feed.

[webapps] – Axigen Mail Server 8.0.1 Stored XSS

Posted by oxygenne under exploit, m$, Security, XSS (No Respond)

Axigen Mail Server 8.0.1 Stored XSS

Tags: , , ,

[webapps] – Xeams Email Server 4.4 Build 5720 Stored XSS

Posted by dendawga under exploit, m$, Security, XSS (No Respond)

Xeams Email Server 4.4 Build 5720 Stored XSS

Tags: , ,

[webapps] – WinWebMail Server 3.8.1.6 Stored XSS

Posted by chieftdog under exploit, m$, Security, XSS (No Respond)

WinWebMail Server 3.8.1.6 Stored XSS

Tags: , , ,

[webapps] – T-dah Webmail Client 3.2.0-2.3 Stored XSS

Posted by Dimitar under exploit, m$, Security, XSS (No Respond)

T-dah Webmail Client 3.2.0-2.3 Stored XSS

Tags: , ,

[webapps] – SurgeMail 6.0a4 Stored XSS

Posted by drdogma under exploit, m$, Security, XSS (No Respond)

SurgeMail 6.0a4 Stored XSS

Tags: , , ,

Zero Day Initiative Advisory 12-135

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

Zero Day Initiative Advisory 12-135 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file

Tags: , , , ,

Zero Day Initiative Advisory 12-130

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

Zero Day Initiative Advisory 12-130 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Tags: , , , ,

[papers] – [Hebrew] Digital Whisper Security Magazine #34

Posted by dataflow under exploit, hhu, m$, Security, software, XSS (No Respond)

[Hebrew] Digital Whisper Security Magazine #34

Tags: , , , ,

[webapps] – Dr. Web Control Center 6.00.3.201111300 XSS Vulnerability

Posted by q121q under exploit, m$, Security, XSS (No Respond)

Dr. Web Control Center 6.00.3.201111300 XSS Vulnerability

Tags: , ,

iOS SSL Kill Switch

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

This is a MobileSubstrate extension to disable certificate validation within NSURLConnection in order to facilitate black-box testing of iOS Apps. Once installed on a jailbroken device, iOS SSL Kill Switch patches NSURLConnection to override and disable the system’s default certificate validation as well as any kind of custom certificate validation (such as certificate pinning).

Tags: , , ,