A buffer overflow vulnerability exists in UniPDF v1.1 due to improper bounds checking of user-supplied input. An attacker can exploit this vulnerability to overwrite the SEH and nSEH pointers, resulting in a denial of service condition. To exploit this vulnerability, an attacker must create a malicious update.xml file containing a specially crafted string of data and copy it to the UniPDF application folder. When the application is run, the malicious string will be processed, resulting in a denial of service condition.
Gatekeeper is a feature available in OS X Lion v10.7.5 and later versions of OS X. Gatekeeper performs checks on files and applications downloaded from the Internet to prevent execution of supposedly malicious and untrusted/unsigned code. We found an attacker can bypass OS X Gatekeeper protections and execute unsigned malicious code downloaded by the user, even if OS X Gatekeeper is configured to only allow execution of applications downloaded from the Mac App Store (the highest security setting). The exploitation technique is trivial and requires Java to be installed on the victim's machine. OS X Gatekeeper prevents execution of downloaded Java Jar (.jar) and class (.class) files, but this verification is not performed when the files are executed using the Java Runtime Environment (JRE). An attacker can create a malicious Java Jar file, host it on a web server and send the URL to the victim.
ManageEngine Firewall Analyzer is agentless log analytics and configuration management software that helps network administrators centrally collect, archive, and analyze their security device logs and generate forensic reports from them. Directory Traversal: http://127.0.0.1/fw/mindex.do?url=./WEB-INF/web.xml%3f http://127.0.0.1/fw/index2.do?completeData=true&helpP=archiveAction&tab=system&url=./WEB-INF/web.xml%3f http://127.0.0.1/fw/index2.do?helpP=fim&link=0&sel=13&tab=system&url=./WEB-INF/web.xml%3f XSS: http://127.0.0.1/fw/index2.do?completeData=true&url=importedLogDetails" onmouseover%3dprompt(902321) bad%3d"
Various D-Link routers are vulnerable to DNS change. The vulnerability exists in the web interface, which is accessible without authentication. Once modified, systems use foreign DNS servers, which are usually set up by cybercriminals. Users with vulnerable systems or devices who try to access certain sites are instead redirected to possibly malicious sites. Modifying systems' DNS settings allows cybercriminals to perform malicious activities like steering unknowing users to bad sites, replacing ads on legitimate sites, controlling and redirecting network traffic, and pushing additional malware.
Multiple critical vulnerabilities were discovered in Symantec Data Center Security: Server Advanced (SDCS:SA) and Symantec Critical System Protection (SCSP). These vulnerabilities include CVE-2014-7289, CVE-2014-9224, CVE-2014-9225, and CVE-2014-9226. These vulnerabilities could allow an attacker to gain access to sensitive information, execute arbitrary code, and cause a denial of service. SCSP 5.2.9 MP6 and SDCS:SA 6.0 MP1 have been released to address these vulnerabilities, but not all of them have been fixed.
The content management system ferretCMS v.1.0.4, which is currently in alpha development stage, suffers from multiple stored/reflected XSS and SQLi vulnerabilities in its administrative backend. Moreover, it is possible to upload arbitrary files via the administrative backend, which can be executed by unauthenticated users, too.
Some Android devices are affected by a Denial of Service attack when scanning for WiFi Direct devices. An attacker could send a specially crafted 802.11 Probe Response frame, causing the Dalvik subsystem to reboot because of an unhandled exception in the WiFiMonitor class.
ManageEngine EventLog Analyzer is vulnerable to directory traversal and XSS attacks. An attacker can exploit these vulnerabilities to gain access to sensitive files and execute malicious scripts in the user's browser.
XSF (Cross-Site Flashing) occurs when an SWF is permitted or able to load another file from another directory or site. The vulnerable SWF can be exploited by just loading an SWF, an image, or any other file (for example, for phishing or cross-site scripting). As you can see, the .buttonTextStyle variable is not well configured (by adding an exact value), and this ButtonTextStyle will accept any value. The vulnerable SWF will load any file.
Comodo Backup is vulnerable to a null pointer dereference privilege escalation vulnerability. This vulnerability can be exploited by a local attacker to gain elevated privileges on the system. The vulnerability exists due to a lack of proper validation of user-supplied input when handling certain IOCTLs. An attacker can exploit this vulnerability by sending a specially crafted IOCTL to the vulnerable driver. This can allow the attacker to gain elevated privileges on the system.