Monthly Archives: March 2016
A Hundred Million Truecaller Users Vulnerable To Privacy Bug
Fireware XTM Web UI Open Redirect
Fireware XTM Web UI versions prior to 11.10.7 suffer from an open redirection vulnerability.
Website Designing & Development Services!!
Hello, I sincerely hope you are doing well. We are an India based Web Design company with a primary focus on SEO based Website Design & Development (HTML, WordPress, Magento, PHP and Yahoo Store development). We have a dedicated team of 250 professional designers, developers and SEO specialists; especially for Graphic designing and SEO. We can assure you of getting quality works. Most firms overseas have achieved a significant amount of savings by outsourcing either part of, or their entire work to us in India. We would like you to give us an opportunity to work with your company and AMAZE you with our service. Please let us know in case you are interested. Warm Regards, Tripati Gupta Note: We are not spammers and are against spamming of any kind. If you are not interested then you can reply with a simple "NO",We will never contact you again. --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus
Remotely Exploitable Bug in Truecaller Puts Over 100 Million Users at Risk
Security researchers have discovered a remotely exploitable vulnerability in Called ID app “Truecaller” that could expose personal details of Millions of its users.
Truecaller is a popular service that claims to “search and identify any phone number,” as well as helps users block incoming calls or SMSes from phone numbers categorized as spammers and telemarketers.
The service has mobile
CVE-2016-1646 (chrome)
The Array.prototype.concat implementation in builtins.cc in Google V8, as used in Google Chrome before 49.0.2623.108, does not properly consider element data types, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via crafted JavaScript code.
CVE-2016-1647 (chrome)
Use-after-free vulnerability in the RenderWidgetHostImpl::Destroy function in content/browser/renderer_host/render_widget_host_impl.cc in the Navigation implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.
CVE-2016-1648 (chrome)
Use-after-free vulnerability in the GetLoadTimes function in renderer/loadtimes_extension_bindings.cc in the Extensions implementation in Google Chrome before 49.0.2623.108 allows remote attackers to cause a denial of service or possibly have unspecified other impact via crafted JavaScript code.
CVE-2016-1649 (chrome)
The Program::getUniformInternal function in Program.cpp in libANGLE, as used in Google Chrome before 49.0.2623.108, does not properly handle a certain data-type mismatch, which allows remote attackers to cause a denial of service (buffer overflow) or possibly have unspecified other impact via crafted shader stages.
CVE-2016-1650 (chrome)
The PageCaptureSaveAsMHTMLFunction::ReturnFailure function in browser/extensions/api/page_capture/page_capture_api.cc in Google Chrome before 49.0.2623.108 allows attackers to cause a denial of service or possibly have unspecified other impact by triggering an error in creating an MHTML document.