The mov_read_dref function in libavformat/mov.c in Libav before 11.7 and FFmpeg before 0.11 allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via the entries value in a dref box in an MP4 file.
Monthly Archives: June 2016
CVE-2016-3687
Open redirect vulnerability in F5 BIG-IP APM 11.2.1, 11.4.x, 11.5.x, and 11.6.x before 11.6.0 HF6 and Edge Gateway 11.2.1, when using multi-domain single sign-on (SSO), allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a base64-encoded URL in the SSO_ORIG_URI parameter.
CVE-2016-5300
The XML parser in Expat does not use sufficient entropy for hash initialization, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted identifiers in an XML document. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-0876.
Microsoft Security Out-Of-Band Bulletin For June, 2016
The bulletin summary for June 2016 has been updated to include an additional out-of-band bulletin, MS16-083.
MS16-083 – Critical: Security Update for Adobe Flash Player (3167685) – Version: 1.0
Severity Rating: Critical
Revision Note: V1.0 (June 16, 2016): Bulletin published.
Summary: This security update resolves vulnerabilities in Adobe Flash Player when installed on all supported editions of Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10.
Vicidial 1.4.0.20 Cross Site Scripting
Vicidial version 1.4.0.20 suffers from a reflected cross-site scripting vulnerability.
Python urllib HTTP Header Injection
Python’s built-in URL library (“urllib2” in 2.x and “urllib” in 3.x) is vulnerable to protocol stream injection attacks (a.k.a. “smuggling” attacks) via the http scheme.
Stack Overflow in BLAT
Posted by vishnu raju on Jun 16
Hi Hackers,
Greetings from Vishnu (@dh4wk)
1. Vulnerable Product Version:
*Blat v3.2.14*
Link: blat.net
2. Vulnerability Information
Impact: Attacker may gain administrative access / can perform a DOS
Remotely Exploitable: No
Locally Exploitable: May be possible
3. Product Details
An open source Windows (32 & 64 bit) command line SMTP mailer. We can use
it to automatically email logs, the contents of a html FORM, or…
Blindspot Advisory: HTTP Header Injection in Python urllib
Posted by Timothy D. Morgan on Jun 16
Python’s built-in URL library (“urllib2” in 2.x and “urllib” in 3.x)
is vulnerable to protocol stream injection attacks (a.k.a. “smuggling”
attacks) via the http scheme. If an attacker could convince a Python
application using this library to fetch an arbitrary URL, or fetch a
resource from a malicious web server, then these injections could
allow for a great deal of access to certain internal services.
URLs of…
Authentication bypass in Ceragon FibeAir IP-10 web interface (<7.2.0)
Posted by Ian Ling on Jun 16
[+] Credits: Ian Ling
[+] Website: iancaling.com
Vendor:
=================
www.ceragon.com
Product:
======================
-FibeAir IP-10
Vulnerability Type:
===================
Default Root Account
CVE Reference:
==============
N/A
Vulnerability Details:
=====================
Ceragon FibeAir IP-10 devices do not properly ensure that a user has
authenticated before granting them access to the web interface of the
device. The attacker simply…