[FD] [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities

2016-08-10 Thread CORE Advisories Team
Services. The publication of this advisory was coordinated by Joaquin Rodriguez Varela from Core Advisories Team. 7. Technical Description / Proof of Concept Code SAP distributes software and packages using an archive program called SAPCAR. This program uses a custom archive file format

[FD] [CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow

2016-03-19 Thread CORE Advisories Team
Rodriguez Varela from Core Advisories Team. 8. Technical Description / Proof of Concept Code 8.1. FreeBSD amd64_set_ldt Integer Signedness Vulnerability [CVE-2016-1885] FreeBSD exposes the i386_set_ldt[1] architecture-dependent system call for its Intel i386 version. This system call can

[FD] [CORE-2016-0004] - SAP Download Manager Password Weak Encryption

2016-03-09 Thread CORE Advisories Team
]. An updated version of SAP Download Manager can be found in their website [1]. 6. Credits This vulnerability was discovered and researched by Martin Gallo from Core Security Consulting Services. The publication of this advisory was coordinated by Joaquín Rodríguez Varela from Core Advisories Team

[FD] [CORE-2016-0003] - Samsung SW Update Tool MiTM

2016-03-09 Thread CORE Advisories Team
1. Advisory Information Title: Samsung SW Update Tool MiTM Advisory ID: CORE-2016-0003 Advisory URL: http://www.coresecurity.com/advisories/samsung-sw-update-tool-mitm Date published: 2016-03-07 Date of last update: 2016-03-04 Vendors contacted: Samsung Release mode: Coordinated release 2.

[FD] [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities

2016-01-25 Thread CORE Advisories Team
1. Advisory Information Title: Lenovo ShareIT Multiple Vulnerabilities Advisory ID: CORE-2016-0002 Advisory URL: http://www.coresecurity.com/advisories/lenovo-shareit-multiple-vulnerabilities Date published: 2016-01-25 Date of last update: 2016-01-22 Vendors contacted: Lenovo Release mode:

[FD] [CORE-2016-0001] - Intel Driver Update Utility MiTM

2016-01-19 Thread CORE Advisories Team
1. Advisory Information Title: Intel Driver Update Utility MiTM Advisory ID: CORE-2016-0001 Advisory URL: http://www.coresecurity.com/advisories/intel-driver-update-utility-mitm Date published: 2016-01-19 Date of last update: 2016-01-14 Vendors contacted: Intel Release mode: Coordinated release

[FD] [CORE-2015-0014] - Microsoft Windows Media Center link file incorrectly resolved reference

2015-12-09 Thread CORE Advisories Team
and researched by Francisco Falcon from Core Exploits Team. The publication of this advisory was coordinated by Joaquín Rodríguez Varela from the Core Advisories Team. 7. Technical Description / Proof of Concept Code The ehexthost.exe binary, part of Windows Media Center, loads the given URL

[FD] [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities

2015-09-01 Thread CORE Advisories Team
1. Advisory Information Title: FortiClient Antivirus Multiple Vulnerabilities Advisory ID: CORE-2015-0013 Advisory URL: http://www.coresecurity.com/advisories/forticlient-antivirus-multiple-vulnerabilities Date published: 2015-09-01 Date of last update: 2015-09-01 Vendors contacted: Fortinet

[FD] [CORE-2015-0011] - AirLink101 SkyIPCam1620W OS Command Injection

2015-07-08 Thread CORE Advisories Team
1. Advisory Information Title: AirLink101 SkyIPCam1620W OS Command Injection Advisory ID: CORE-2015-0011 Advisory URL: http://www.coresecurity.com/advisories/airlink101-skyipcam1620w-os-command-injection Date published: 2015-07-08 Date of last update: 2015-07-08 Vendors contacted: AirLink101

[FD] [CORE-2015-0012] - AirLive Multiple Products OS Command Injection

2015-07-06 Thread CORE Advisories Team
1. Advisory Information Title: AirLive Multiple Products OS Command Injection Advisory ID: CORE-2015-0012 Advisory URL: http://www.coresecurity.com/advisories/airlive-multiple-products-os-command-injection Date published: 2015-07-06 Date of last update: 2015-07-06 Vendors contacted: AirLive

[FD] [CORE-2015-0010] - Sendio ESP Information Disclosure Vulnerability

2015-05-22 Thread CORE Advisories Team
1. Advisory Information Title: Sendio ESP Information Disclosure Vulnerability Advisory ID: CORE-2015-0010 Advisory URL: http://www.coresecurity.com/advisories/sendio-esp-information-disclosure-vulnerability Date published: 2015-05-22 Date of last update: 2015-05-22 Vendors contacted: Sendio

[FD] [CORE-2015-0009] - SAP LZC/LZH Compression Multiple Vulnerabilities

2015-05-13 Thread CORE Advisories Team
Advisories Team. 7. Technical Description / Proof of Concept Code SAP products make use of LZC and LZH algorithms for compressing in-transit data for different services (Diag protocol, RFC protocol, MaxDB protocol) and for distributing files (SAPCAR program). The implementation

[FD] [CORE-2015-0008] - InFocus IN3128HD Projector Multiple Vulnerabilities

2015-04-27 Thread CORE Advisories Team
1. Advisory Information Title: InFocus IN3128HD Projector Multiple Vulnerabilities Advisory ID: CORE-2015-0008 Advisory URL: http://www.coresecurity.com/advisories/infocus-in3128hd-projector-multiple-vulnerabilities Date published: 2015-04-27 Date of last update: 2015-04-22 Vendors contacted:

[FD] [CORE-2015-0007] - Schneider Vampset Stack and Heap Buffer Overflow

2015-03-30 Thread CORE Advisories Team
1. Advisory Information Title: Schneider Vampset Stack and Heap Buffer Overflow Advisory ID: CORE-2015-0007 Advisory URL: http://www.coresecurity.com/advisories/schneider-vampset-stack-and-heap-buffer-overflow Date published: 2015-03-30 Date of last update: 2015-03-27 Vendors contacted:

[FD] [CORE-2015-0006] - Fortinet Single Sign On Stack Overflow

2015-03-18 Thread CORE Advisories Team
1. Advisory Information Title: Fortinet Single Sign On Stack Overflow Advisory ID: CORE-2015-0006 Advisory URL: http://www.coresecurity.com/advisories/fortinet-single-sign-on-stack-overflow Date published: 2015-03-18 Date of last update: 2015-03-18 Vendors contacted: Fortinet Release mode:

[FD] [CORE-2015-0003] - FreeBSD Kernel Multiple Vulnerabilities

2015-01-27 Thread CORE Advisories Team
. The publication of this advisory was coordinated by Joaquin Rodriguez Varela from Core Advisories Team. 8. *Technical Description / Proof of Concept Code* 8.1. *FreeBSD vt Driver VT_WAITACTIVE Sign Conversion Vulnerability* [CVE-2014-0998] FreeBSD 10.1-RELEASE added[1] the 'vt(4)'[2

[FD] Corel Software DLL Hijacking

2015-01-12 Thread CORE Advisories Team
. *Credits* This vulnerability was discovered and researched by Marcos Accossatto from Core Security Exploit Writers Team. The publication of this advisory was coordinated by Joaquin Rodriguez Varela from Core Advisories Team. 7. *Technical Description / Proof of Concept Code* [CVE-2014-8393

[FD] Corel Software DLL Hijacking

2015-01-12 Thread CORE Advisories Team
* This vulnerability was discovered and researched by Marcos Accossatto from Core Security Exploit Writers Team. The publication of this advisory was coordinated by Joaquin Rodriguez Varela from Core Advisories Team. 7. *Technical Description / Proof of Concept Code* [CVE-2014-8393

[FD] [CORE-2014-0008] - Advantech AdamView Buffer Overflow

2014-11-19 Thread CORE Advisories Team
Core Security Exploit Writers Team. The publication of this advisory was coordinated by Joaquín Rodríguez Varela from Core Advisories Team. 7. *Technical Description / Proof of Concept Code* This vulnerability is caused by a stack buffer overflow when parsing the display

[FD] [CORE-2014-0009] - Advantech EKI-6340 Command Injection

2014-11-19 Thread CORE Advisories Team
that the 'admin' user doesn't has the default password as well. 6. *Credits* This vulnerability was discovered and researched by Facundo Pantaleo and Flavio Cangini from Core Security Engineering Team. The publication of this advisory was coordinated by Joaquín Rodríguez Varela from Core Advisories

[FD] [CORE-2014-0010] - Advantech WebAccess Stack-based Buffer Overflow

2014-11-19 Thread CORE Advisories Team
. *Credits* This vulnerability was discovered and researched by Ricardo Narvaja from Core Security Consulting Services. The publication of this advisory was coordinated by Joaquín Rodríguez Varela from Core Advisories Team. 7. *Technical Description / Proof of Concept Code* This vulnerability

[FD] [CORE-2014-0006] - Delphi and C++ Builder VCL library Heap Buffer Overflow

2014-09-16 Thread CORE Advisories Team
of affected systems to some extent. Contact Embarcadero for further information. 6. *Credits* This vulnerability was discovered and researched by Marcos Accossatto from the Core Exploits Writers Team. The publication of this advisory was coordinated by Joaquín Rodríguez Varela from the Core Advisories