Category Archives: Full Disclosure

Full Disclosure

Hidden malicious modules in MS VBA (Visual Basic for Applications)

Posted by Thegrideon Software on Mar 29

Credits:

Maxim Tomashevich / Thegrideon Software

Website:

https://www.thegrideon.com/

Details:

https://www.thegrideon.com/vba-internals.html

Vendor:

———————

Microsoft

Product:

———————

Visual Basic for Applications (VBA) 6.5 – 7.1 (x32 / x64)

Vulnerability Details:

———————

VBA library loads modules for execution from all streams inside “VBA” OLE
folder (based on “dir”…

Re: Defense in depth — the Microsoft way (part 47): "AppLocker bypasses are not serviced via monthly security roll-ups"

Posted by Stefan Kanthak on Mar 28

I wrote Tuesday, March 21, 2017 8:09 PM:

[ …snip… ]

[ …snip… ]

If you can’t create an “AppCert.Dll” from the code I depicted or
don’t know how to implement the function “forbidden()” yourself:
just visit <https://skanthak.homepage.t-online.de/appcert.html>,
read it and get the prebuilt DLLs plus their .INF setup script,
packaged in a .CAB archive.

enjoy
Stefan Kanthak

APPLE-SA-2017-03-27-3 macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite

Posted by Apple Product Security on Mar 28

APPLE-SA-2017-03-27-3 macOS Sierra 10.12.4, Security Update
2017-001 El Capitan, and Security Update 2017-001 Yosemite

macOS Sierra 10.12.4, Security Update 2017-001 El Capitan,
and Security Update 2017-001 Yosemite are now available and
address the following:

apache
Available for: macOS Sierra 10.12.3
Impact: A remote attacker may be able to cause a denial of service
Description: Multiple issues existed in Apache before 2.4.25. These
were…

APPLE-SA-2017-03-27-7 macOS Server 5.3

Posted by Apple Product Security on Mar 28

APPLE-SA-2017-03-27-7 macOS Server 5.3

macOS Server 5.3 is now available and addresses the following:

Profile Manager
Available for: macOS 10.12.4 and later
Impact: A remote user may be able to cause a denial-of-service
Description: A crafted request may cause a global cache to grow
indefinitely, leading to a denial-of-service. This was addressed by
not caching unknown MIME types.
CVE-2016-0751

Web Server
Available for: macOS 10.12.4 and…

APPLE-SA-2017-03-27-5 watchOS 3.2

Posted by Apple Product Security on Mar 28

APPLE-SA-2017-03-27-5 watchOS 3.2

watchOS 3.2 is now available and addresses the following:

Audio
Available for: All Apple Watch models
Impact: Processing a maliciously crafted audio file may lead to
arbitrary code execution
Description: A memory corruption issue was addressed through improved
input validation.
CVE-2017-2430: an anonymous researcher working with Trend Micro’s
Zero Day Initiative
CVE-2017-2462: an anonymous researcher working…

APPLE-SA-2017-03-27-4 iOS 10.3

Posted by Apple Product Security on Mar 28

APPLE-SA-2017-03-27-4 iOS 10.3

iOS 10.3 is now available and addresses the following:

Accounts
Available for: iPhone 5 and later, iPad 4th generation and later,
iPod touch 6th generation and later
Impact: A user may be able to view an Apple ID from the lock screen
Description: A prompt management issue was addressed by removing
iCloud authentication prompts from the lock screen.
CVE-2017-2397: Suprovici Vadim of UniApps team, an anonymous…

APPLE-SA-2017-03-27-2 Safari 10.1

Posted by Apple Product Security on Mar 28

APPLE-SA-2017-03-27-2 Safari 10.1

Safari 10.1 is now available and addresses the following:

CoreGraphics
Available for: OS X Yosemite v10.10.5, OS X El Capitan v10.11.6,
and macOS Sierra 10.12.4
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution
Description: Multiple memory corruption issues were addressed through
improved input validation.
CVE-2017-2444: Mei Wang of 360 GearTeam

Safari
Available for: OS…

Outlook Remote Crashing Bug

Posted by Haifei Li on Mar 28

Hi,

Just wanted to let you know I’ve released a blog post discussing an interesting Outlook bug (remote crashing, or?),
feel free to reach me for discussions of the exploitability of the bug.

http://justhaifei1.blogspot.com/2017/03/an-interesting-outlook-bug.html

An Interesting Outlook Bug<http://justhaifei1.blogspot.com/2017/03/an-interesting-outlook-bug.html>
justhaifei1.blogspot.com
Last week I reported an interesting bug in…

DzSoft PHP Editor v4.2.7 File Enumeration [**UPDATED FIXED TYPO]

Posted by hyp3rlinx on Mar 28

[+] Credits: John Page AKA hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/DZSOFT-v4.2.7-PHP-EDITOR-FILE-ENUMERATION.txt
[+] ISR: ApparitionSec

Vendor:
==============
www.dzsoft.com

Product:
=========================
DzSoft PHP Editor v4.2.7

DzSoft PHP Editor is a tool for writing and testing PHP and HTML pages.

Vulnerability Type:
====================
File Enumeration

CVE Reference:…