|
|
Colapse all |
Post message
Executable installers are vulnerable^WEVIL (case 27): Cygwin's installers allow arbitrary (remote) code execution WITH escalation of privilege 2016-02-26 Stefan Kanthak (stefan kanthak nexgo de) Executable installers are vulnerable^WEVIL (case 28): Google's Chrome cleanup tool allows arbitrary (remote) code execution WITH escalation of privilege 2016-02-26 Stefan Kanthak (stefan kanthak nexgo de) Hi @ll, Google's software_removal_tool.exe alias Chrome Cleanup Tool loads and executes several DLLs from its "application directory" during runtime: * Windows XP: SetupAPI.dll, NTMarta.dll, ClbCatQ.dll, SRClient.dll, UXTheme.dll, RASAPI32.dll, HNetCfg.dll, IPHlpAPI.dll, RASAdHlp.dll, XPSP2Res [ more ] [ reply ] Zimbra Cross-Site Scripting vulnerabilities 2016-02-25 pxli fortinet com Recently Zimbra Collaboration 8.6 Patch 5 was released. It fixed two Cross-Site Scripting vulnerabilities discovered by Fortinet's FortiGuard Labs. More details can be found at https://community.zimbra.com/collaboration/f/1884/t/1140919 http://www.fortiguard.com/advisory/fortinet-discovers-zimbra-c [ more ] [ reply ] WordPress plugin wp-ultimate-exporter SQL injection vulnerability 2016-02-25 Henri Salo (henri nerv fi) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 After reading bugtraq post[1] I noticed additional vulnerability from WordPress plugin wp-ultimate-exporter[2]. Versions 1.0 and 1.1 are affected of SQL injection vulnerability without authentication. 1: http://seclists.org/bugtraq/2016/Feb/172 2: http [ more ] [ reply ] APPLE-SA-2016-02-25-1 Apple TV 7.2.1 2016-02-25 Apple Product Security (product-security-noreply lists apple com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2016-02-25-1 Apple TV 7.2.1 Apple TV 7.2.1 is now available and addresses the following: bootp Available for: Apple TV (3rd Generation) Impact: A malicious Wi-Fi network may be able to determine networks a device has previously accessed [ more ] [ reply ] [SECURITY] [DSA 3493-1] xerces-c security update 2016-02-25 Salvatore Bonaccorso (carnil debian org) CVE-2016-0729: Apache Xerces-C XML Parser Crashes on Malformed Input 2016-02-25 Cantor, Scott (cantor 2 osu edu) (1 replies) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 CVE-2016-0729: Apache Xerces-C XML Parser Crashes on Malformed Input Severity: Critical Vendor: The Apache Software Foundation Versions Affected: Apache Xerces-C XML Parser library versions prior to V3.1.3 Description: The Xerces-C XML parser mish [ more ] [ reply ] RE: CVE-2016-0729: Apache Xerces-C XML Parser Crashes on Malformed Input 2016-02-26 Shivaprasad Sadashivappa (Shivaprasad S trianz com) JSN PowerAdmin Joomla! Extension - Remote Command Execution Via CSRF and XSS vulnerabilities 2016-02-24 Ratio Sec (ratiosec gmail com) --------------------------------------------------------- RatioSec Research Security Advisory RS-2016-001 --------------------------------------------------------- JSN PowerAdmin Joomla! Extension Remote Command Execution Via CSRF and XSS vulnerabilities -------------------------------------------- [ more ] [ reply ] WordPress User Submitted Posts Plugin [Persistent XSS] 2016-02-24 Panagiotis Vagenas (pan vagenas gmail com) * Exploit Title: WordPress User Submitted Posts Plugin [Persistent XSS] * Discovery Date: 2016-02-10 * Exploit Author: Panagiotis Vagenas * Author Link: https://twitter.com/panVagenas * Vendor Homepage: https://plugin-planet.com/ * Software Link: https://wordpress.org/plugins/user-submitted-posts/ * [ more ] [ reply ] Belkin N150 Router Multiple XSS Vulnerability 2016-02-24 Rahul Pratap Singh (techno rps gmail com) ## FULL DISCLOSURE #Product : Belkin N150 Home Router #Exploit Author : Rahul Pratap Singh #Home page Link : http://www.belkin.com #Linkedin : https://in.linkedin.com/in/rahulpratapsingh94 #Version : F9K1009 v1 #Firmware : 1.00.09 #Date : 24/Feb/2016 â?? Vulnerability/BUG Report : â??â??â??â??â? [ more ] [ reply ] Import Woocommerce XSS Vulnerability 2016-02-24 Rahul Pratap Singh (techno rps gmail com) ## FULL DISCLOSURE #Product : Import Woocommerce #Exploit Author : Rahul Pratap Singh #Version : 1.0.1 #Home page Link : https://wordpress.org/plugins/import-woocommerce/ #Website : 0x62626262.wordpress.com <http://0x62626262.wordpress.com/> #Linkedin : https://in.linkedin.com/in/rahulpratapsing [ more ] [ reply ] WP Ultimate Exporter XSS Vulnerability 2016-02-24 Rahul Pratap Singh (techno rps gmail com) ## FULL DISCLOSURE #Product : WP Ultimate Exporter #Exploit Author : Rahul Pratap Singh #Version : 1.0 #Home page Link : https://wordpress.org/plugins/wp-ultimate-exporter/ #Website : 0x62626262.wordpress.com <http://0x62626262.wordpress.com/> #Linkedin : https://in.linkedin.com/in/rahulpratapsi [ more ] [ reply ] WP Advanced Importer XSS Vulnerability 2016-02-24 Rahul Pratap Singh (techno rps gmail com) ## FULL DISCLOSURE #Product : WP Advanced Importer #Exploit Author : Rahul Pratap Singh #Version : 2.1.1 #Home page Link : https://wordpress.org/plugins/wp-advanced-importer/ #Website : 0x62626262.wordpress.com <http://0x62626262.wordpress.com/> #Linkedin : https://in.linkedin.com/in/rahulpratap [ more ] [ reply ] CSV Import XSS Vulnerability 2016-02-24 Rahul Pratap Singh (techno rps gmail com) ## FULL DISCLOSURE #Product : CSV Import #Exploit Author : Rahul Pratap Singh #Version : 1.0 #Home page Link : https://wordpress.org/plugins/csv-import/ #Website : 0x62626262.wordpress.com <http://0x62626262.wordpress.com/> #Linkedin : https://in.linkedin.com/in/rahulpratapsingh94 #Date : 23/Feb/20 [ more ] [ reply ] eFront 3.6.15.6 CMS â?? (Message Attachment) Persistent Cross Site Scripting Vulnerability 2016-02-24 Vulnerability Lab (research vulnerability-lab com) Document Title: =============== eFront 3.6.15.6 CMS â?? (Message Attachment) Persistent Cross Site Scripting Vulnerability References (Source): ==================== http://www.vulnerability-lab.com/get_content.php?id=1765 Release Date: ============= 2016-02-24 Vulnerability Laboratory ID (VL-I [ more ] [ reply ] Re: Executable installers are vulnerable^WEVIL (case 26): the installer of GIMP for Windows allows arbitrary (remote) and escalation of privilege 2016-02-24 Stefan Kanthak (stefan kanthak nexgo de) "Jernej SimonÄiÄ" <jernej|s-os (at) eternallybored (dot) org [email concealed]> wrote: > On 23. februar 2016, 17:37:54, Stefan Kanthak wrote: > >> Proof of concept/demonstration: >> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >[snip] >> PWNED! > > Can't reproduce - tested on Windows XP SP3, Windows 7 x64 SP1 and > Windows 10 x64 (10586. [ more ] [ reply ] Extra User Details [Privilege Escalation] 2016-02-24 Panagiotis Vagenas (pan vagenas gmail com) """ * Exploit Title: Extra User Details [Privilege Escalation] * Discovery Date: 2016-02-13 * Exploit Author: Panagiotis Vagenas * Author Link: https://twitter.com/panVagenas * Vendor Homepage: http://vadimk.com/ * Software Link: https://wordpress.org/plugins/extra-user-details/ * Version: 0.4.2 * T [ more ] [ reply ] [KIS-2016-02] Magento <= 1.9.2.2 (RSS Feed) Information Disclosure Vulnerability 2016-02-24 Egidio Romano (research karmainsecurity com) ------------------------------------------------------------------ Magento <= 1.9.2.2 (RSS Feed) Information Disclosure Vulnerability ------------------------------------------------------------------ [-] Software Link: http://magento.com/ [-] Affected Versions: Version 1.9.2.2 and prior versi [ more ] [ reply ] [slackware-security] ntp (SSA:2016-054-04) 2016-02-23 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] ntp (SSA:2016-054-04) New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches [ more ] [ reply ] [slackware-security] libgcrypt (SSA:2016-054-03) 2016-02-23 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] libgcrypt (SSA:2016-054-03) New libgcrypt packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +----------------------- [ more ] [ reply ] [slackware-security] glibc (SSA:2016-054-02) 2016-02-23 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] glibc (SSA:2016-054-02) New glibc packages are available for Slackware 14.1 and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/glibc-2.17-i [ more ] [ reply ] Ubiquiti Networks UniFi v3.2.10 Generic CSRF Protection Bypass 2016-02-23 Julien Ahrens (info rcesecurity com) Executable installers are vulnerable^WEVIL (case 4): InstallShield's wrapper and setup.exe 2016-02-24 Stefan Kanthak (stefan kanthak nexgo de) Hi @ll, executable installers [°] created with InstallShield (see <http://www.flexerasoftware.com/producer/products/software-installation/ installshield-software-installer/> alias <http://installshield.com/>) are vulnerable: 1. Their wrappers/self-extractors load and execute a rogue/bogus/ malic [ more ] [ reply ] [slackware-security] bind (SSA:2016-054-01) 2016-02-23 Slackware Security Team (security slackware com) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] bind (SSA:2016-054-01) New bind packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patch [ more ] [ reply ] |
|
Privacy Statement |
Cygwin's setup-x86.exe loads and executes UXTheme.dll
(on Windows XP also ClbCatQ.dll) and some more DLLs from its
"application directory".
For software downloaded with a web browser the application
directory is typically the user's "Downloads" directory: see
<https://insights.sei.cmu.edu/
[ more ] [ reply ]