Hey list. It’s possible to spoof an URL in mobile versions (Android)
of the UC browser [1][2] via <title> HTML tags. The newest version
from gplay (11.2.5.932) and the Meizu [3][4] branded default browser
(6.1.301) are affected. And the shocking poc would be:
Title:
Attacking Nexus 9 with Malicious Headphones
Identifier:
CVE-2017-0510
Severity:
Critical
Product:
Google Nexus 9
Vulnerable Version:
Android 7.1.1 N4F26Q and below
Mitigation:
Upgrade to build N4F26T (March 2017 Security patches).
Technical Details:
Nexus 9 (running build N4F26Q and below) allows unauthorized access to the FIQ debugger via its headphones jack, which
has the following impact:
1. It enables sensitive information…
We’re glad to announce that *hardwear.io <http://hardwear.io>* *2017 Call
For Papers* is now open! We are seeking innovative research on hardware
security. If you have done interesting research on attacks or mitigation on
any Hardware and want to showcase it to the security community, just submit
your research paper. Please find all the relevant details for the…
CVE-2017-6466 – Remote Code Execution under SYSTEM via MITM in F-Secure AV
————————————————————————–
Summary
——-
Title: Remote Code Execution under SYSTEM via MITM in F-Secure AV
CVE: CVE-2016-9892
Vendor: F-Secure
Product: All products that include the software updater component
(https://www.f-secure.com/en/web/business_global/software-updater)
Publication Date: 2017-03-08
Fix: Not available…
Vendor:
======
iball Envisioning the tremendous potential for innovative products required
by the ever evolving users in computing and digital world, iBall was
launched in September 2001 and which is one of the leading networking
company…