YingZhi Python 1.9 Arbitrary Traversal / Write
YingZhi Python version 1.9 application for iOS allows for arbitrary file uploads to the root WWW directory and also has a ftp server directory traversal vulnerability that forces no authentication.
Apple Security Advisory 2012-09-24-1
Apple Security Advisory 2012-09-24-1 - Apple TV 5.1 is now available and addresses issues relating to malicious media loading, memory corruption, and more.
Secunia Security Advisory 50586
Secunia Security Advisory - Multiple vulnerabilities have been reported in Apple iOS, which can be exploited by malicious, local users to disclose system information and gain escalated privileges, by malicious people to disclose potentially sensitive information, conducts spoofing attacks, and compromise a user's device, and by malicious people with physical access to disclose potentially sensitive information and bypass certain security restrictions.
Apple Security Advisory 2012-09-12-1
Apple Security Advisory 2012-09-12-1 - iTunes 10.7 is now available and addresses multiple memory corruption issues in webkit.
Secunia Security Advisory 50618
Secunia Security Advisory - Multiple vulnerabilities have been reported in Apple iTunes, which can be exploited by malicious people to compromise a user's system.
[webapps] – Trend Micro InterScan Messaging Security Suite Stored XSS and CSRF
Trend Micro InterScan Messaging Security Suite Stored XSS and CSRF
[papers] – Detecting and Exploiting XSS Vulnerabilities with Xenotix XSS Exploit Framework
Detecting and Exploiting XSS Vulnerabilities with Xenotix XSS Exploit Framework
[webapps] – Clipster Video Persistent XSS Vulnerability
Clipster Video Persistent XSS Vulnerability
[webapps] – OTRS Open Technology Real Services 3.1.8 and 3.1.9 XSS Vulnerability
OTRS Open Technology Real Services 3.1.8 and 3.1.9 XSS Vulnerability
[webapps] – BusinessWiki 2.5RC3 Stored XSS & Arbitrary File Upload
BusinessWiki 2.5RC3 Stored XSS & Arbitrary File Upload