Passwords 2015 has announced its Call For Papers. It will take place December 7th through the 9th, 2015 at the University of Cambridge, United Kingdom.
Monthly Archives: July 2015
WordPress GD bbPress Attachments 2.1 Cross Site Scripting
WordPress GD bbPress Attachments plugin version 2.1 suffers from a cross site scripting vulnerability.
WordPress GD bbPress Attachments 2.1 Local File Inclusion
WordPress GD bbPress Attachments plugin version 2.1 suffers from a local file inclusion vulnerability.
Re: Grandstream VoIP phone: SSH key backdoor and multiple vulnerabilities leading to RCE as root (David Jorm
Posted by Seamus Caveney on Jul 11
There is another similar issue affecting GXP color phones (GXP2130, 2140, 2160) reported to Grandstream that was fixed
in 1.0.4.22. From the main shell there is a bluetooth test mode you can enter by typing ‘bttest’. From inside this
subshell there is no shell sanitization and you can escape using normal techniques.
Grandstream GXP2130 Command Shell Copyright 2014
GXP2130> bttest
BTTEST> ;id
uid=0(root) gid=0(root)…
Adobe Flash ActionScript 3 opaqueBackground Use-After-Free Vulnerability
Original release date: July 11, 2015
Adobe Flash Player contains a critical vulnerability within the ActionScript 3 opaqueBackground class, which could allow a remote attacker to execute arbitrary code on a vulnerable system. Versions affected include Adobe Flash Player 9 through 18.0.0.204.
Users and administrators are encouraged to review Adobe Security Advisory (CVE-2015-5122) and Vulnerability Note VU#338736 for workaround information.
No patch is currently available.
This product is provided subject to this Notification and this Privacy & Use policy.
WordPress CP Contact Form With Paypal 1.1.5 CSRF / XSS / SQL Injection
WordPress CP Contact Form with Paypal plugin version 1.1.5 suffers from cross site request forgery, cross site scripting, and remote SQL injection vulnerabilities.
Does Avast slow down my computer?
When your computer slows to a crawl, it is very frustrating. One of the worst things that people do when trying to restore the performance of their PC is to remove the security software. Getting rid of your protective barrier just opens you up to threats that could make things even worse.
So you know that you need a security product on your computer, but you don’t want any software to impact the speed or performance. That’s why an excellent choice is Avast antivirus products.
Avast provides high detection rates and good protection against malware, but it does not degrade system performance or annoy users by being resource hungry.
But don’t take my word for it.
AV-Comparatives, a well-known and trusted third party testing lab, recently tested 20 antivirus and internet security products. Avast Free Antivirus topped every single one of them – paid security suites and free antivirus protection – and received an Advanced Plus three star award for the May 2015 Performance Test.
Reasons why your PC may be slow
It is not always security software that is responsible for a slow system. Other factors can play a role, which means that with a few tweaks your systems performance can be improved.
Old hardware If you try to install modern software into your old computer, it could start running at a snail’s pace, because the hardware simply is not capable of running the software. Ideally, buying a new PC with a multi-core processor is the best solution. However if your budget does not include a new computer, then you could add more RAM.
For Windows 7 or Windows 8, you should use a minimum of 4 gigabytes of RAM. If you use Windows XP or Vista, switch to Windows 8.1 64-bit. Avast security products are compatible.
More than one security program is not good. It’s not advised to run more than one security program with real-time protection at a time. Please uninstall any trial software that came with your PC before installing different protection. You can find a list and instructions to remove here. We recommend you follow their instructions before proceeding with the uninstallation.
Make sure your software is up-to-date. The most up-to-date software contains fixes and patches that makes it run at its best. Avast has ended product updates for older consumer versions of Avast Antivirus. Versions 8.0.1497 and lower continue to receive threat updates but do not receive any patches or technical support. The latest version of Avast has enhanced features and higher detection rates to protect your computer from malicious attacks.
Clean out the clutter. Clutter from leftover files and registry entries, unneeded shortcuts, adware, toolbars, and bloatware can slow your computer down. Getting rid of the junk can bring new life to your machine.
If your hard disk is almost full you could transfer movies, images, and other infrequently used files to an external disk. For the best performance, you should leave 20% of your disk space free.
Panda Security 1.0.0.13 Memory Corruption
Panda Kernel Memory Access Driver does not validate the size of data to be copied to both an allocated kernel paged pool buffer and to an allocated non-paged pool buffer. Furthermore, the attacker has control over the start-to-copy index regarding the non-paged pool buffer which allows an attacker to corrupt a kernel object with more precision, and control the EIP via a hijacked function pointer. Version 1.0.0.13 is affected.
Joomla J2Store 3.1.6 SQL Injection
Joomla J2Store extension version 3.1.6 suffers from multiple remote SQL injection vulnerabilities.
APPLE-SA-2015-07-10-1 OS X: Flash Player plug-in blocked
From: Apple Product Security
Reply to list
APPLE-SA-2015-07-10-1 OS X: Flash Player plug-in blocked Due to security issues in older versions, Apple has updated the web plug-in blocking mechanism to disable all versions prior to Flash Player 18.0.0.203 and 13.0.0.302. Information on blocked web plug-ins will be posted to: http://support. [...]