Posted by Vulnerability Lab on Aug 20
Document Title:
===============
UBNT Bug Bounty #1 – Client Side Cross Site Scripting Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1465
#52988
Release Date:
=============
2015-08-17
Vulnerability Laboratory ID (VL-ID):
====================================
1465
Common Vulnerability Scoring System:
====================================
2.8
Product & Service Introduction:…
Posted by Vulnerability Lab on Aug 20
Document Title:
===============
WebSolutions India Design CMS – SQL Injection Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1577
Release Date:
=============
2015-08-20
Vulnerability Laboratory ID (VL-ID):
====================================
1577
Common Vulnerability Scoring System:
====================================
8.7
Product & Service Introduction:…
Posted by Vulnerability Lab on Aug 20
Document Title:
===============
ChiefPDF Software v2.x – Buffer Overflow Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1578
Release Date:
=============
2015-08-20
Vulnerability Laboratory ID (VL-ID):
====================================
1578
Common Vulnerability Scoring System:
====================================
7.3
Product & Service Introduction:…
Posted by Vulnerability Lab on Aug 20
Document Title:
===============
PDF Shaper v3.5 – (MSF) Remote Buffer Overflow Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1579
Video: https://youtu.be/-HTEIisSiH8
Release Date:
=============
2015-08-16
Vulnerability Laboratory ID (VL-ID):
====================================
1579
Common Vulnerability Scoring System:
====================================
7.9
Product &…
Posted by Vulnerability Lab on Aug 20
Document Title:
===============
Microsoft HTA (HTML Application) – Remote Code Execution Vulnerability (MS14-064)
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1576
Video: http://youtu.be/Vkswz7vt23M
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-6332
CVE-ID:
=======
CVE-2014-6332
Release Date:
=============
2015-08-15
Vulnerability Laboratory ID (VL-ID):…
The internet is arguably the new frontier for communication, collaboration and business but, with criminals also using it for ill-gotten gains, it does have its bad parts too. And this is making life difficult for parents struggling to keep up with their child’s technology obsession.
The post Nine out of ten parents worry about kids online − yet few act appeared first on We Live Security.
Web.com reveals that was the victim of a data breach this month, which affected up to 93,000 of its customers.
The post Web.com experiences data breach appeared first on We Live Security.
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier allow remote SSL servers to conduct ECDHE-to-ECDH downgrade attacks and trigger a loss of forward secrecy by omitting the ServerKeyExchange message, a similar issue to CVE-2014-3572.
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3, RSA BSAFE Crypto-J before 6.2, RSA BSAFE SSL-J before 6.2, and RSA BSAFE SSL-C 2.8.9 and earlier do not enforce certain constraints on certificate data, which allows remote attackers to defeat a fingerprint-based certificate-blacklist protection mechanism by including crafted data within a certificate’s unsigned portion, a similar issue to CVE-2014-8275.
EMC RSA BSAFE Micro Edition Suite (MES) 4.0.x before 4.0.8 and 4.1.x before 4.1.3 and RSA BSAFE SSL-C 2.8.9 and earlier do not properly restrict TLS state transitions, which makes it easier for remote attackers to conduct cipher-downgrade attacks to EXPORT_RSA ciphers via crafted TLS traffic, related to the “FREAK” issue, a similar issue to CVE-2015-0204.