# Vulnerability Title: HP SimplePass Local Privilege Escalation
# Advisory Release Date: 05/18/2017
# Credit: Discovered By Rehan Ahmed
# Contact: knight_re...@hotmail.com
# Severity Level: Medium
# Type: Local
# Tested Platform: Windows 8 & 10 x64
# Vendor: HP Inc.
# Vendor Site: http://www.hp.co
> On May 12, 2017, at 1:48 PM, Brandon Perry wrote:
>
>
>> On May 12, 2017, at 1:45 PM, Henri Salo wrote:
>>
>> On Fri, May 12, 2017 at 12:09:30PM -0500, Brandon Perry wrote:
>>> As of this writing, . No CVEs have been requested.
>>
>> Why not?
>
> I’m lazy. I might this weekend.
>
Attach
[+] Credits: John Page a.k.a hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/MANTIS-BUG-TRACKER-CSRF-PERMALINK-INJECTION.txt
[+] ISR: ApparitionSec
Vendor:
www.mantisbt.org
Product:
=
Mantis Bug Tracker
1.3.10 / v
*** Added the product description... ***
[+] Credits: John Page aka HYP3RLINX
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/SECURE-AUDITOR-v3.0-DIRECTORY-TRAVERSAL.txt
[+] ISR: ApparitionSec
Vendor:
www.secure-bytes.com
Prod
[+] Credits: John Page aka HYP3RLINX
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/SECURE-AUDITOR-v3.0-DIRECTORY-TRAVERSAL.txt
[+] ISR: ApparitionSec
Vendor:
www.secure-bytes.com
Product:
=
Secure Auditor
[+] Credits: John Page AKA hyp3rlinx
[+] Website: hyp3rlinx.altervista.org
[+] Source:
http://hyp3rlinx.altervista.org/advisories/PEGASUS-MAILTO-LINK-REMOTE-CODE-EXECUTION.txt
[+] ISR: APPARITIONSEC
Vendor:
=
www.pmail.com
Product:
===
Pegasus "winpm-32.exe
CALL FOR PAPERS
===
**
2017 Workshop on Privacy in the Electronic Society
(WPES 2017)
Dallas, Texas, USA - October 30, 2017
https://cs.pitt.edu/wpes2017
*
