==
Secunia Research 2018/12/13
libexif EXIF_IFD_INTEROPERABILITY / EXIF_IFD_EXIF
Denial of Service Vulnerability
==
Secunia Research 2018/12/13
LibRaw Multiple Denial of Service Vulnerabilities
later. CVE-2018-9489 has been assigned by the vendor to track
this issue. Further research is also recommended to determine whether
this is being exploited in the wild.
BACKGROUND
Android is an open source operating system developed by Google for
mobile phones and tablets. It is estimated that
==
Secunia Research 2018/07/20
Oracle Outside In Technology Multiple Vulnerabilities
==
Table of Contents
Affected Software
==
Secunia Research 2018/07/20
Oracle Outside In Technology Multiple Vulnerabilities
==
Table of Contents
Affected Software
==
Secunia Research 2018/07/17
LibRaw "parse_minolta()" Infinite Loop
Denial of Service Vul
==
Secunia Research 2018/07/17
LibRaw Multiple Denial of Service Vulnerabilities
==
Table of Contents
Affected Software
==
Secunia Research 2018/07/12
Clam AntiVirus "parsehwp3_paragraph()"
Denial of Service Vul
capture permissions, having screenshots
taken by the user, or have the screen captured in the Recent Apps
portion of Android OS. We have published an extensive post last year
discussing this feature is and what it does:
https://wwws.nightwatchcybersecurity.com/2016/04/13/research-securing-android
==
Secunia Research 2018/04/25
Oracle Outside In Technology Use-After-Free Vulnerability
==
Table of Contents
Affected Software
==
Secunia Research 2018/03/15
Microsoft Windows Embedded OpenType Font Engine hdmx Table
Information Disclosure Vulnerability
==
Secunia Research 2018/03/15
Microsoft Windows Embedded OpenType Font Engine "MTX_IS_MTX_Data()"
Information Disclosure Vul
==
Secunia Research 2018/03/14
Microsoft Windows Embedded OpenType Font Engine Font Glyphs Handling
Information Disclosure Vulnerability
==
Secunia Research 2018/03/14
LibRaw Multiple Denial of Service Vulnerabilities
==
Secunia Research 2018/02/28
Linux Kernel "_sctp_make_chunk()" Denial of Service Vulnerability
==
Table of Contents
==
Secunia Research 2018/01/29
LibRaw Multiple Denial of Service Vulnerabilities
==
Secunia Research 2017/12/08
LibRaw Multiple Denial of Service Vulnerabilities
==
Secunia Research 2017/10/21
Oracle Outside In Denial of Service Vulnerability
==
Table of Contents
Affected Software
==
Secunia Research 2017/06/09
libsndfile "aiff_read_chanmap()" Information Disclosure Vul
==
Secunia Research 2016/05/22
Microsoft Windows Heap-based Buffer Overflow Vulnerabilities
==
Table of Contents
Affected Software
==
Secunia Research 2017/05/11
FLAC "read_metadata_vorbiscomment_()" Memory Leak
Denial of Service Vul
==
Secunia Research 2017/05/11
LibRaw "parse_tiff_ifd()" Memory Corruption Vulnerability
==
Table of Contents
Affecte
[Original post here:
https://wwws.nightwatchcybersecurity.com/2017/05/09/multiple-vulnerabilities-in-asus-routers/]
Summary
Various models of ASUS RT routers have several CSRF vulnerabilities
allowing malicious sites to login and change settings in the router;
multiple JSONP vulnerabilities allow
reported to the
vendor but will not be fixed since the vendor considers them to be WAI
(Working As Intended). These attacks require physical access to the
device in order to execute them but future avenues of research looking
at network vectors should be undertaken.
BACKGROUND
ChromeOS is the
==
Secunia Research 2017/01/27
libarchive "lha_read_file_header_1()" Out-Of-Bounds Memory Access
Denial of Service Vul
==
Secunia Research 2016/01/18
Oracle Outside In VSDX Use-After-Free Vulnerability
==
Table of Contents
Affected Software
==
Secunia Research 2016/12/14
Microsoft Windows Type 1 Font Processing Vulnerability
==
Table of Contents
Affected Software
==
Secunia Research 2016/11/10
Microsoft Windows OTF Parsing Table Encoding Record Offset
Vulnerability
==
Secunia Research 2016/11/10
Oracle Outside In "GetTxObj()" Use-After-Free Vulnerability
==
Table of Contents
Affecte
==
Secunia Research 2016/11/10
Oracle Outside In "VwStreamRead()" Buffer Overflow Vulnerability
==
Table of Contents
Affecte
GPS chipsets and consume these files but
that has not been tested by us, and requires further research.
Background – GPS and gpsOneXtra
Most mobile devices today include ability to locate themselves on the
Earth’s surface by using the Global Positioning System (GPS), a system
originally developed
Original at:
https://wwws.nightwatchcybersecurity.com/2016/09/14/advisory-insecure-transmission-of-data-in-android-applications-developed-with-adobe-air-cve-2016-6936/
Summary
Android applications developed with Adobe AIR send data back to Adobe servers
without HTTPS while running. This can allo
==
Secunia Research 03/08/2016
LibGD "_gdContributionsAlloc()" Integer Overflow
Denial of Service Vul
Vulnerability Type: Path Traversal [CWE-22]
Risk Level: Medium
CVSSv3 Base Score: 5.8 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
[Original at:
https://wwws.nightwatchcybersecurity.com/2016/07/29/advisory-intel-crosswalk-ssl-prompt-issue/]
Summary
The Intel Crosswalk Project library for cross-platform mobile
development did not properly handle SSL errors. This behaviour could
subject applications developed using this libra
##
- S21Sec Advisory -
- S21SEC-047-en.txt -
##
Title: Fotoware Fotoweb 8.0 Cross Site Scripting (XSS)
ID: S21sec-047
[Original here:
https://wwws.nightwatchcybersecurity.com/2016/07/26/research-crashing-browsers-remotely-via-insecure-search-suggestions/]
Summary
Intercepting insecure search suggestion requests from browsers, and
returning very large responses leads to browser crashes (but not RCE).
Affected
==
Secunia Research 25/07/2016
Reprise License Manager "akey" Buffer Overflow Vulnerability
==
Table of Contents
Affecte
==
Secunia Research 25/07/2016
Reprise License Manager "actserver" Buffer Overflow Vulnerability
==
Table of Contents
Affecte
Vendor: Huawei, www.huawei.com
Affected Product: HiSuite for Windows
Affected Version: <= 4.0.3.301
CVE ID: CVE-2016-5821
OVE ID: OVE-20160624-0001
Severity: High
Author: Benjamin Gnahm (@mitp0sh), Blue Frost Security GmbH
Ti
Vulnerability Type: SQL Injection [CWE-89]
Risk Level: High
CVSSv3 Base Score: 7.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
Public Disclosure: April 20, 2016
Vulnerability Type: Cross-Site Request Forgery [CWE-352]
Risk Level: High
CVSSv3 Base Score: 8.8 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https
Original here:
https://blog.nightwatchcybersecurity.com/research-securing-android-applications-from-screen-capture-8dce2c8e21d#.bw2qwe213
Research: Securing Android Applications from Screen Capture
Summary TL, DR
Apps on Android and some platform services are able to capture other appss
Overview
An open redirect is operating at www.google.com
Details
Googles main website provides a subsite for displaying mobile-optimized pages
published using a special subset of HTML called AMP. While this works for
mobile devices, for non-mobile devices, this redirects to the original site,
Injection [CWE-89]
Risk Level: High
CVSSv3 Base Score: 7.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L]
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
/S:C/C:N/I:N/A:L]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory/ )
---
Advisory Details:
High-Tech Bridge Security
Vulnerability Type: Cross-Site Request Forgery [CWE-352]
Risk Level: High
CVSSv3 Base Score: 7.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
Bridge Security Research Lab (
https://www.htbridge.com/advisory/ )
---
Advisory Details:
High-Tech Bridge Security Research Lab discovered multiple Cross-Site Request
Forgery (CSRF) vulnerabilities in a
Public Disclosure: March 18, 2016
Vulnerability Type: SQL Injection [CWE-89]
Risk Level: Critical
CVSSv3 Base Score: 10 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
: PHP File Inclusion [CWE-98]
Risk Level: Medium
CVSSv3 Base Score: 5.8 [CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L]
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
Authentication [CWE-287]
Risk Level: High
CVSSv3 Base Score: 7.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L]
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
: February 17, 2016
Vulnerability Type: SQL Injection [CWE-89]
Risk Level: Medium
CVSSv3 Base Score: 6.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
Disclosure: February 17, 2016
Vulnerability Type: SQL Injection [CWE-89]
Risk Level: High
CVSSv3 Base Score: 7.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
, 2016
Vulnerability Type: SQL Injection [CWE-89]
Risk Level: High
CVSSv3 Base Score: 7.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
: February 17, 2016
Vulnerability Type: SQL Injection [CWE-89]
Risk Level: High
CVSSv3 Base Score: 7.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
Type: PHP File Inclusion [CWE-98]
Risk Level: Medium
CVSSv3 Base Score: 5.8 [CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:L]
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
Vendor: FireEye, https://www.fireeye.com
Affected Product: FireEye FX, AX, NX, EX
Affected Version: FX < 7.5.1, AX < 7.7.0, NX < 7.6.1, EX < 7.6.2
Severity: High
Title:
Disclosure: February 3, 2016
Vulnerability Type: Code Injection [CWE-94]
CVE Reference: CVE-2016-2242
Risk Level: Critical
CVSSv3 Base Score: 10 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https
: January 13, 2016
Vulnerability Type: Path Traversal [CWE-22]
CVE Reference: CVE-2015-8770
Risk Level: Medium
CVSSv3 Base Score: 5.3 [CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https
Vulnerability Type: SQL Injection [CWE-89]
CVE Reference: CVE-2015-8356
Risk Level: Medium
CVSSv3 Base Score: 6.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L]
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
, 2015
Public Disclosure: December 16, 2015
Vulnerability Type: SQL Injection [CWE-89]
CVE Reference: CVE-2015-8355
Risk Level: Medium
CVSSv3 Base Score: 6.3 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:L]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research
Vulnerability Type: PHP File Inclusion [CWE-98]
CVE Reference: CVE-2015-8352
Risk Level: Critical
CVSSv3 Base Score: 9.0 [CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com
Blue Frost Security GmbH
https://www.bluefrostsecurity.de/ research(at)bluefrostsecurity.de
BFS-SA-2015-003 10-December-2015
Vendor
==
Secunia Research 08/12/2015
Microsoft Windows usp10.dll "GetFontDesc()"
Integer Underflow Vul
Disclosure: December 9, 2015
Vulnerability Type: Path Traversal [CWE-22]
CVE Reference: CVE-2015-8357
Risk Level: Medium
CVSSv3 Base Score: 4.2 [CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:L]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https
Research Lab (
https://www.htbridge.com/advisory/ )
---
Advisory Details:
High-Tech Bridge Security Research Lab discovered vulnerability in
bitrix.mpbuilder Bitrix module, which can be exploited to include
Public Disclosure: November 4, 2015
Vulnerability Type: PHP File Inclusion [CWE-98]
CVE Reference: CVE-2015-8351
Risk Level: Critical
CVSSv3 Base Score: 9.0 [CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab
Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2015-8349
Risk Level: Medium
CVSSv3 Base Score: 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
Research Lab (
https://www.htbridge.com/advisory/ )
---
Advisory Details:
High-Tech Bridge Security Research Lab discovered three Cross-Site Request
Forgery (CSRF) vulnerabilities in a popular collaboration
==
Secunia Research (now part of Flexera Software) 11/11/2015
Google Picasa CAMF Section Integer Overflow Vulnerability
==
Table of Contents
22, 2015
Vulnerability Type: Cross-Site Request Forgery [CWE-352]
CVE Reference: CVE-2015-5534
Risk Level: High
CVSSv3 Base Score: 7.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https
==
Secunia Research (now part of Flexera Software) 09/10/2015
Google Picasa Phase One Tags Processing Integer Overflow Vulnerability
==
Table of
==
Secunia Research (now part of Flexera Software) 26/10/2015
Oracle Outside In Two Buffer Overflow Vulnerabilities
==
Table of Contents
Affected
Type: Cross-Site Scripting [CWE-79]
Risk Level: Medium
CVSSv3 Base Score: 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N]
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
23, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2015-6544
Risk Level: Medium
CVSSv3 Base Score: 6.1 [CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N]
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https
2, 2015
Vulnerability Type: Cross-Site Request Forgery [CWE-352]
CVE Reference: CVE-2015-6545
Risk Level: Medium
CVSSv2 Base Score: 5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com
Blue Frost Security GmbH
https://www.bluefrostsecurity.de/ research(at)bluefrostsecurity.de
BFS-SA-2015-002 13-August-2015
Affected Product
Blue Frost Security GmbH
https://www.bluefrostsecurity.de/ research(at)bluefrostsecurity.de
BFS-SA-2015-001 12-August-2015
Vendor
Components:
* SAP Mobile Platform 3.0 SP05 ClientHub
* Vulnerability Class: Use of Hard-coded Cryptographic Key (CWE-321)
* Remotely Exploitable: No
* Locally Exploitable: Yes
* Authentication Required: No
* Original Advisory:
https://www.onapsis.com/research/security
* Authentication Required: No
* Original Advisory:
http://www.onapsis.com/research/security-advisories/
4.Affected Components Description
- --
The SAP Mobile Platform 3.0 SP5 has an API called DataVault, which is
used to securely store data on mobile devices. As described
Components:
* SAP Mobile Platform 3.0 SP05 ClientHub
* Vulnerability Class: Missing Required Cryptographic Step (CWE-325)
* Remotely Exploitable: No
* Locally Exploitable: Yes
* Authentication Required: No
* Original Advisory:
https://www.onapsis.com/research/security
Public Disclosure: July 22, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2015-5532
Risk Level: Medium
CVSSv2 Base Score: 4.3 (AV:N/AC:M/Au:N/C:N/I:P/A:N)
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https
: July 22, 2015
Vulnerability Type: SQL Injection [CWE-89]
CVE Reference: CVE-2015-5533
Risk Level: Medium
CVSSv2 Base Score: 6 (AV:N/AC:M/Au:S/C:P/I:P/A:P)
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
1, 2015
Vulnerability Type: Path Traversal [CWE-22]
CVE Reference: CVE-2015-5079
Risk Level: High
CVSSv2 Base Score: 7.8 (AV:N/AC:L/Au:N/C:С/I:N/A:N)
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
17, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2015-3422
Risk Level: Low
CVSSv2 Base Score: 2.6 (AV:N/AC:H/Au:N/C:N/I:P/A:N)
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
: June 17, 2015
Vulnerability Type: OS Command Injection [CWE-78]
CVE Reference: CVE-2015-4117
Risk Level: Critical
CVSSv2 Base Score: 9 (AV:N/AC:L/Au:S/C:C/I:C/A:C)
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
Vulnerability Type: Use After Free [CWE-416]
Risk Level: Medium
CVSSv2 Base Score: 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P)
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory/ )
---
Advisory Details:
High-Tech Bridge Security Research Lab discovered two vulnerabilities in a
popular hosting
Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory/ )
---
Advisory Details:
High-Tech Bridge Security Research Lab two vulnerabilities in Bonita BPM Portal
(Bonita'
Timeline
1. 25 May 2015 – Reported to Vendor, no response.
2. 29 May 2015 – Reminder sent to vendor, no response.
3. 5 June 2015 – Public disclosure.
Credits
=
1. Aseem Jakhar, Director - Research, Payatu Technologies Pvt. Ltd.
2. Since at the time of publishing the
, 2015
Vulnerability Type: PHP File Inclusion [CWE-98]
CVE Reference: CVE-2015-3648
Risk Level: High
CVSSv2 Base Score: 7.6 (AV:N/AC:H/Au:N/C:C/I:C/A:C)
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
.
- - Affected Components: SAP HANA DB 1.00.73.00.389160 (NewDB100_REL)
- - Vulnerability Class: Improper Access Control (CWE-284)
- - Remotely Exploitable: Yes
- - Locally Exploitable: No
- - Authentication Required: Yes
- - Original Advisory:
http://www.onapsis.com/research/security-advisories/SAP
/research/security-advisories/SAP-HANA-log-injection-vulnerability-in-extended-application-services
4. Affected Components Description
==
SAP HANA is a platform for real-time business. It combines database,
data processing, and application platform capabilities in-memory
Public Disclosure: May 20, 2015
Vulnerability Type: Cross-Site Scripting [CWE-79]
CVE Reference: CVE-2015-3647
Risk Level: Medium
CVSSv2 Base Score: 5 (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Solution Status: Fixed by Vendor
Discovered and Provided: High-Tech Bridge Security Research Lab (
https
Type: Code Injection [CWE-94]
CVE Reference: CVE-2015-3421
Risk Level: Medium
CVSSv2 Base Score: 6.4 (AV:N/AC:L/Au:N/C:P/I:P/A:N)
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory
/A:N), 5 (AV:N/AC:L/Au:N/C:N/I:P/A:N), 4.3
(AV:N/AC:M/Au:N/C:N/I:P/A:N)
Discovered and Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory/ )
---
Advisory Details:
High
==
Secunia Research 16/04/2015
Oracle Outside In ibpsd2.dll PSD File Processing
Buffer Overflow Vulnerability
==
Secunia Research 15/04/2015
Microsoft Windows GDI "MRSETDIBITSTODEVICE ::bPlay()" EMF Parsing
Memory Corruption Vul
Provided: High-Tech Bridge Security Research Lab (
https://www.htbridge.com/advisory/ )
---
Advisory Details:
High-Tech Bridge Security Research Lab discovered multiple vulnerabilities in
web interface
Date: 2015-03-13
Author: Nikolas Sotiriu
Website:http://sotiriu.de
Twitter:http://twitter.com/nsoresearch
Mail: nso-research at sotiriu.de
URL:http://sotiriu.de/adv/NSOADV-2015-001.txt
Vendor
1 - 100 of 1333 matches
Mail list logo
