Subscribe via feed.

Apple Security Advisory 2012-07-25-1

Posted by deepcore under Apple, blackberry, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, software, tools, twitter, XSS (No Respond)

Apple Security Advisory 2012-07-25-1 – A cross-site scripting issue existed in the handling of feed:// URLs in Safari.

Tags: , ,

[webapps] – SpiceWorks 5.3.75941 Stored XSS and Post-Auth SQL Injection

Posted by mehdibob under exploit, m$, Security, XSS (No Respond)

SpiceWorks 5.3.75941 Stored XSS and Post-Auth SQL Injection

Tags: , , ,

[webapps] – AlienVault OSSIM 3.1 Reflected XSS and Blind SQL Injection

Posted by ehsan under exploit, m$, Security, XSS (No Respond)

AlienVault OSSIM 3.1 Reflected XSS and Blind SQL Injection

Tags: , , , ,

[webapps] – X-Cart Gold 4.5 (products_map.php symb parameter) XSS Vulnerability

Posted by bambiVichi under exploit, m$, Security, XSS (No Respond)

X-Cart Gold 4.5 (products_map.php symb parameter) XSS Vulnerability

Tags: , , ,

Zero Day Initiative Advisory 12-109

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

Zero Day Initiative Advisory 12-109 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Quicktime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file

Tags: , , ,

Secunia Security Advisory 49542

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, software, tools, twitter, XSS (No Respond)

Secunia Security Advisory – Apple has issued an update for Java for Mac OS X.

Tags: , , ,

Secunia Security Advisory 49489

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, software, tools, twitter, XSS (No Respond)

Secunia Security Advisory – Apple has reported two vulnerabilities in Apple iTunes, which can be exploited by malicious people to compromise a user’s system.

Tags: , ,

Apple Security Advisory 2012-06-11-1

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

Apple Security Advisory 2012-06-11-1 – iTunes 10.6.3 is now available and addresses multiple issues. Importing a maliciously crafted .m3u playlist may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in the handling of .m3u playlists. Visiting a maliciously crafted website may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in WebKit.

Tags: , ,

Zero Day Initiative Advisory 12-077

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

Zero Day Initiative Advisory 12-077 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the QuickTimeVR.qtx component

Tags: , , , ,

Zero Day Initiative Advisory 12-075

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

Zero Day Initiative Advisory 12-075 – This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application decodes video samples encoded with the RLE codec

Tags: , ,