Multiple stored XSS-vulnerabilities in MyBB v. 1.8.3

Posted by Steffen Rösemann on Feb 21

Advisory: Stored XSS-Vulnerabilities in MyBB v. 1.8.3
Advisory ID: SROEADV-2015-15
Author: Steffen Rösemann
Affected Software: MyBB v. 1.8.3
Vendor URL: http://www.mybb.com
Vendor Status: patched
CVE-ID: –

==========================
Vulnerability Description:
==========================

MyBB v. 1.8.3 suffers from multiple stored XSS-vulnerabilities in the
administrative backend.

==================
Technical Details:
==================

The…

Multiple SQLi-, stored/reflected XSS- and CSRF-vulnerabilities in phpBugTracker v. 1.6.0

Posted by Steffen Rösemann on Feb 21

Advisory: Multiple SQLi, stored/reflecting XSS- and CSRF-vulnerabilities in
phpBugTracker v.1.6.0
Advisory ID: SROEADV-2015-16
Author: Steffen Rösemann
Affected Software: phpBugTracker v.1.6.0
Vendor URL: https://github.com/a-v-k/phpBugTracker
Vendor Status: patched
CVE-ID: will be asked to be assigned after release on FullDisclosure via
OSS-list
Tested on: OS X 10.10 with Firefox 35.0.1 ; Kali Linux 3.18, Iceweasel 31

==========================…

Use After Free Vulnerability in unserialize() with DateTime* [CVE-2015-0273]

Posted by Taoguang Chen on Feb 21

#Use After Free Vulnerability in unserialize() with DateTime* [CVE-2015-0273]

Taoguang Chen <[ () chtg](http://github.com/chtg)> – Write Date:
2015.1.29 – Release Date: 2015.2.20

Affected Versions
------------
Affected is PHP 5.6 < 5.6.6
Affected is PHP 5.5 < 5.5.22
Affected is PHP 5.4 < 5.4.38

Credits
------------
This vulnerability was disclosed by Taoguang Chen.

Description
------------

```
static int…
```

Type Confusion Infoleak Vulnerability in unserialize() with DateTimeZone

Posted by Taoguang Chen on Feb 21

#Type Confusion Infoleak Vulnerability in unserialize() with DateTimeZone

Taoguang Chen <[ () chtg](http://github.com/chtg)> – Write Date:
2015.1.29 – Release Date: 2015.2.20

Affected Versions
------------
Affected is PHP 5.6 < 5.6.6
Affected is PHP 5.5 < 5.5.22
Affected is PHP 5.4 < 5.4.38

Credits
------------
This vulnerability was disclosed by Taoguang Chen.

Description
------------

```
static int…
```

Defense in depth — the Microsoft way (part 28): yes, we can (create even empty, but properly quoted pathnames)

Posted by Stefan Kanthak on Feb 21

Hi @ll,

in order to prevent the start of the defunct USENET news client
(alias “Windows Mail”) that Microsoft installs with Windows 7
and later versions of Windows as “Microsoft Outlook NewsReader”,
the installation of all editions of Microsoft Office 2010 which
include Microsoft Outlook 2010 as well as the standalone version
of the latter create the following registry entries for the
“Microsoft Outlook NewsReader”…

iTunes 12.1.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files…

Posted by Stefan Kanthak on Feb 21

Hi @ll,

the just released iTunes 12.1.1 for Windows still comes with
outdated and VULNERABLE 3rd party libraries and vulnerable
command lines:

In AppleMobileDeviceSupport.msi:

* libeay32.dll and ssleay32.dll 0.9.8za from 2014-06-05

The current version is 0.9.8ze and has 21 security fixes
which are missing in 0.9.8za; see <http://openssl.org/news/>

At last, these DLLs are no more 7 years old as before, but
“only” 8…

Samsung iPolis XnsSdkDeviceIpInstaller.ocx ActiveX Remote Code Execution Vulnerabilities

Posted by Praveen D on Feb 21

CVE-2015-0555

Introduction
*************************************************************

There is a Buffer Overflow Vulnerability which leads to Remote Code
Execution.
Vulnerability is due to input validation to the API ReadConfigValue and
WriteConfigValue API’s in XnsSdkDeviceIpInstaller.ocx

This is different from CVE-2014-3911 as the version of iPolis 1.12.2
(latest as of 12/12/2014).
CVE-2014-3911 is related to different ActiveX and on…

New version of Hyperion PE runtime encrypter

Posted by Levon Kayan on Feb 21

Hi,

We just released version 1.2 of our PE encrypter, hyperion.

[ CHANGELOG ]

- added support for Windows 8 and 8.1

[ DESCR ]

Hyperion is a runtime encrypter for 32-bit portable executables. It is
a reference implementation and is based on the paper “Hyperion:
Implementation of a PE-Crypter”.

[ LINKS ]

Tool @ http://www.nullsecurity.net/tools/binary.html
Papers/slides available @ http://nullsecurity.net/papers.html

cheers,
noptrix

WooCommerce WordPress plugin 2.2.10 Reflected XSS

Posted by Eric Flokstra on Feb 21

====================================================
Product: WooCommerce WordPress plugin
Vendor: WooThemes
Tested Version: 2.2.10
Vulnerability Type: Cross-Site Scripting [CWE-79]
Risk Level: Medium
CVSSv2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Solution Status: Solved in version 2.2.11
Discovered and Provided: Eric Flokstra – ITsec Security Services
====================================================
[-] About the Vendor:

WooCommerce is…