Rodriguez Varela from Core Advisories Team.
8. Technical Description / Proof of Concept Code
8.1. FreeBSD amd64_set_ldt Integer Signedness Vulnerability
[CVE-2016-1885] FreeBSD exposes the i386_set_ldt[1] architecture-dependent
system call for its Intel i386 version. This system call can
].
An updated version of SAP Download Manager can be found in their website [1].
6. Credits
This vulnerability was discovered and researched by Martin Gallo from Core
Security Consulting Services. The publication of this advisory was coordinated
by Joaquín Rodríguez Varela from Core Advisories Team
1. Advisory Information
Title: Samsung SW Update Tool MiTM
Advisory ID: CORE-2016-0003
Advisory URL: http://www.coresecurity.com/advisories/samsung-sw-update-tool-mitm
Date published: 2016-03-07
Date of last update: 2016-03-04
Vendors contacted: Samsung
Release mode: Coordinated release
2.
1. Advisory Information
Title: Lenovo ShareIT Multiple Vulnerabilities
Advisory ID: CORE-2016-0002
Advisory URL:
http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities
Date published: 2016-01-25
Date of last update: 2016-01-22
Vendors contacted: Lenovo
Release mode:
1. Advisory Information
Title: Intel Driver Update Utility MiTM
Advisory ID: CORE-2016-0001
Advisory URL:
http://www.coresecurity.com/advisories/intel-driver-update-utility-mitm
Date published: 2016-01-19
Date of last update: 2016-01-14
Vendors contacted: Intel
Release mode: Coordinated release
and researched by Francisco Falcon from Core
Exploits Team. The publication of this advisory was coordinated by Joaquín
Rodríguez Varela from the Core Advisories Team.
7. Technical Description / Proof of Concept Code
The ehexthost.exe binary, part of Windows Media Center, loads the given URL
1. Advisory Information
Title: FortiClient Antivirus Multiple Vulnerabilities
Advisory ID: CORE-2015-0013
Advisory URL:
http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities
Date published: 2015-09-01
Date of last update: 2015-09-01
Vendors contacted: Fortinet
1. Advisory Information
Title: AirLink101 SkyIPCam1620W OS Command Injection
Advisory ID: CORE-2015-0011
Advisory URL:
http://www.coresecurity.com/advisories/airlink101-skyipcam1620w-os-command-injection
Date published: 2015-07-08
Date of last update: 2015-07-08
Vendors contacted: AirLink101
1. Advisory Information
Title: AirLive Multiple Products OS Command Injection
Advisory ID: CORE-2015-0012
Advisory URL:
http://www.coresecurity.com/advisories/airlive-multiple-products-os-command-injection
Date published: 2015-07-06
Date of last update: 2015-07-06
Vendors contacted: AirLive
1. Advisory Information
Title: Sendio ESP Information Disclosure Vulnerability
Advisory ID: CORE-2015-0010
Advisory URL:
http://www.coresecurity.com/advisories/sendio-esp-information-disclosure-vulnerability
Date published: 2015-05-22
Date of last update: 2015-05-22
Vendors contacted: Sendio
Advisories Team.
7. Technical Description / Proof of Concept Code
SAP products make use of LZC and LZH algorithms for compressing in-transit data
for different services (Diag protocol, RFC protocol, MaxDB protocol) and for
distributing files (SAPCAR program). The implementation
1. Advisory Information
Title: InFocus IN3128HD Projector Multiple Vulnerabilities
Advisory ID: CORE-2015-0008
Advisory URL:
http://www.coresecurity.com/advisories/infocus-in3128hd-projector-multiple-vulnerabilities
Date published: 2015-04-27
Date of last update: 2015-04-22
Vendors contacted:
1. Advisory Information
Title: Fortinet Single Sign On Stack Overflow
Advisory ID: CORE-2015-0006
Advisory URL:
http://www.coresecurity.com/advisories/fortinet-single-sign-on-stack-overflow
Date published: 2015-03-18
Date of last update: 2015-03-18
Vendors contacted: Fortinet
Release mode:
. *Credits*
This vulnerability was discovered and researched by Marcos Accossatto from Core
Security
Exploit Writers Team. The publication of this advisory was coordinated by
Joaquin Rodriguez
Varela from Core Advisories Team.
7. *Technical Description / Proof of Concept Code*
[CVE-2014-8393
*
This vulnerability was discovered and researched by Marcos Accossatto
from Core Security
Exploit Writers Team. The publication of this advisory was coordinated
by Joaquin Rodriguez
Varela from Core Advisories Team.
7. *Technical Description / Proof of Concept Code*
[CVE-2014-8393
Core Security Exploit Writers Team. The
publication of this advisory was coordinated by Joaquín Rodríguez
Varela from Core Advisories Team.
7. *Technical Description / Proof of Concept Code*
This vulnerability is caused by a stack buffer overflow when parsing
the display
that the 'admin' user doesn't has the default password
as well.
6. *Credits*
This vulnerability was discovered and researched by Facundo Pantaleo
and Flavio Cangini from Core Security Engineering Team. The publication
of this advisory was coordinated by Joaquín Rodríguez Varela from Core
Advisories
. *Credits*
This vulnerability was discovered and researched by Ricardo Narvaja
from Core Security Consulting Services. The publication of this advisory
was coordinated by Joaquín Rodríguez Varela from Core Advisories Team.
7. *Technical Description / Proof of Concept Code*
This vulnerability
of affected systems to some
extent.
Contact Embarcadero for further information.
6. *Credits*
This vulnerability was discovered and researched by Marcos Accossatto
from the Core
Exploits Writers Team. The publication of this advisory was coordinated by
Joaquín Rodríguez Varela from the Core Advisories
19 matches
Mail list logo