Title: Windows DNS Client – Memory Corruption Vulnerabilities Release Date: October 10, 2017 Patch Date: October 10, 2017 Reported Date: March 7, 2017 Vendor: Microsoft Corporation Systems Affected: Windows 8 through Windows 10, and Windows Server 2012 through 2016. Summary: High-risk memory corruption vulnerabilities in the Windows DNS client could lead to the compromise of …
News & Events
News in category "Advisories"
A stored XSS vulnerability was identified in the webmail component of atmail 7. By sending a specially crafted email to a victim, an attacker can include an XSS payload to steal user contacts, send arbitrary emails, expose inbox contents, and more.
The Bishop Fox assessment team discovered an arbitrary command injection vulnerability within the SolarWinds’ Log & Event Manager (LEM) management console (CMC). The CMC is a restricted environment providing functionality for upgrading or maintaining LEM appliances. This vulnerability allows an authenticated user to bypass restrictions imposed by the CMC and execute arbitrary commands on the vulnerable system as the root user.
An improper access control vulnerability was discovered in the SolarWinds’ Log & Event Manager (LEM) management console (CMC). The CMC is a restricted environment providing functionality for upgrading or maintaining LEM appliances. This vulnerability allows an authenticated user to bypass restrictions imposed by the CMC and browse the underlying server’s filesystem, as well as read the contents of arbitrary files contained within.
A vulnerability in the Cisco Jabber Guest Server could allow an unauthenticated, remote attacker to initiate connections to arbitrary hosts.
Three vulnerabilities were discovered in the Accellion Kiteworks appliance. The three vulnerabilities consisted of issues directly pertaining to incorrect default permissions, cross-site scripting, and path traversal.
Title: OS X Messages (iMessage): XSS & File Disclosure Release Date: March 21, 2016 Patch Date: March 21, 2016 Reported Date: February 2016 Vendor: Apple Systems Affected: Messages (iMessage) on OS X <= 9.1 Summary: Messages (iMessage) for OS X, a popular messaging platform from Apple, implements much of its user interface via an embedded …
Two high-risk vulnerabilities were discovered in CA Technologies Single Sign-On (formerly CA SiteMinder®) application. These vulnerabilities allowed a remote attacker to cause a denial-of-service attack or possibly gain sensitive information. We worked closely with CA Technologies in the disclosure and remediation process.
A reflected cross-site scripting vulnerability was found in the post-authentication administrative panel for ColdFusion, an Adobe web application development platform. Due to the critical functionality in the administration panel, an attacker could leverage this vulnerability to execute arbitrary commands on the server.
Due an expired domain of vjs.zendcdn.net in the default whitelist for NoScript, it is possible to bypass the protection offered by the add-on by registering the expired domain name.
LastPass, a popular password management service with extensions for Firefox, Chrome, and Internet Explorer, suffers from a clickjacking vulnerability. It can be exploited on sites without proper X-Frame-Options headers to steal passwords. The password autofill dialogue can be overlaid with a deceptive webpage that tricks users into copying and then pasting passwords into an attacker’s site.
AirDroid Version 3.0.4 and earlier versions’ web applications use JSON with padding (JSONP) for performing cross-origin requests. Due to JSONP being an insecure method of sharing data across origins, it is possible to hijack all of the AirDroid application functionality. By doing this, other users’ Android devices can be hijacked.
Oracle WebLogic Node Manager 10.3.3 and earlier versions contain a remote file inclusion vulnerability that could allow a remote attacker to execute arbitrary commands on an affected system.
PGP Desktop includes a Wipe Free Space utility that claims to eliminate data in all the free space on your hard drive including the the little areas after the end of existing files which may still have old data left behind. In short, the utility claims to wipe file slack space, the unused space in a disk cluster. The software does not work as advertised. It does not clean slack space.
Windows file time stamps can be set to extremely low values via the NtSetInformationFile() system call. The Windows API does not properly translate the low 64-bit time values stored on disk into human readable format, and displays no information instead. Although this is not a security vulnerability in itself, it adversely affects third-party applications that rely upon the Windows API to perform the translation.