Buffer overflow in Huawei VP9660, VP9650, and VP9630 multipoint control unit devices with software before V500R002C00SPC200 and RSE6500 videoconference devices with software before V500R002C00SPC100, when an unspecified service is enabled, allows remote attackers to execute arbitrary code via a crafted packet, aka HWPSIRT-2016-05054.
Monthly Archives: June 2016
CVE-2016-5302
Citrix XenServer 7.0 before Hotfix XS70E003, when a deployment has been upgraded from an earlier release, might allow remote attackers on the management network to “compromise” a host by leveraging credentials for an Active Directory account.
FlashFXP v5.3.0 (Windows) – Memory Corruption Vulnerability
Posted by Vulnerability Lab on Jun 13
Document Title:
===============
FlashFXP v5.3.0 (Windows) – Memory Corruption Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1853
Release Date:
=============
2016-06-13
Vulnerability Laboratory ID (VL-ID):
====================================
1853
Common Vulnerability Scoring System:
====================================
5.1
Product & Service Introduction:…
Foxit PDF Reader CFX_BaseSegmentedArray Memory Corruption
Foxit PDF Reader suffers from a memory corruption vulnerability in CFX_BaseSegmentedArray::IterateIndex.
Viart Shopping Cart 5.0 CSRF / Shell Upload
Viart Shopping Cart version 5.0 suffers from cross site request forgery and remote shell upload vulnerabilities.
CM Ad Changer 1.7.7 WordPress Plugin – Cross Site Scripting Web Vulnerability
Posted by Vulnerability Lab on Jun 13
Document Title:
===============
CM Ad Changer 1.7.7 WordPress Plugin – Cross Site Scripting Web Vulnerability
References (Source):
====================
http://www.vulnerability-lab.com/get_content.php?id=1856
Release Date:
=============
2016-06-13
Vulnerability Laboratory ID (VL-ID):
====================================
1856
Common Vulnerability Scoring System:
====================================
3.5
Product & Service Introduction:…
North Korean Hackers Steal thousands of Military files from S. Korea
Hackers aligned with North Korea have always been accused of attacking and targeting South Korean organizations, financial institutions, banks and media outlets.
Recent reports indicate that North Korean hackers have hacked into more than 140,000 computers of at least 160 South Korean government agencies and companies, and allegedly injected malware in the systems.
The cyber attack was
Comment on How to Recover a Stolen Smartphone by Tony
Hi,
Have to say this actually does work really well and used it first hand. I lost my phone (well left it at the checkout in the supermarket) and had received via emails a picture of the person trying to unlock it. I had reported it to the police who did try valiantly to locate and identify the person with my handset, they had some hot leads but alas nothing. Even though I’d lost it, it’s classified as stolen by the person who had it…never knew that.
After 6 weeks i posted on facebook the details of the phone, where i’d last had it, the geo-location and picture of the person.
I got my phone back within 48hrs.
BOOM, nice one Panda 
(and thank you to social media and those who shared the post)
Foxit PDF Reader CPDF_DIBSource Out-Of-Bounds Read
Foxit PDF Reader suffers from an out-of-bounds read vulnerability in CPDF_DIBSource::TranslateScanline24bpp.
Foxit PDF Reader CFX_WideString Invalid Read
Foxit PDF Reader suffers from an invalid read vulnerability in CFX_WideString::operator=.