Mac OS X

Apple Mac OS X XPC Entitlements Local Privilege Escalation Exploit

The Admin framework in Apple OS X contains a hidden backdoor API to gain root privileges. A local user can exploit this flaw in the checking of XPC entitlements.

Oracle Java AtomicReferenceArray Type Confusion Exploit Update

Unsafe type handling performed by the AtomicReferenceArray class of the Oracle Java Runtime Environment can be abused to cause a type confusion error. This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user.

Git Insecure Path Component Exploit

CVE-2014-9390: Git is prone to a vulnerability that may allow attackers to overwrite arbitrary local files. This module exploits the condition and installs an Agent when a vulnerable GIT client performs a CLONE to the fake repository created.

Apple Mac OS X HFS Plus Local Privilege Escalation Exploit

XNU 1228.9.59 and earlier on Apple Mac OS X 10.5.6 and earlier does not properly restrict interaction between user space and the HFS IOCTL handler. This allows local users to overwrite kernel memory and gain privileges by attaching an HFS+ disk image and performing certain steps involving HFS_GET_BOOT_INFO fcntl calls.

SugarCRM Remote Code Execution Exploit

Unrestricted file upload vulnerability in the Compose Email feature in the Emails module in Sugar Community Edition (aka SugarCRM) before 5.2f allows remote authenticated users to execute arbitrary code by uploading a file with only an extension in its name, then accessing the file via a direct request to a modified filename under cache/modules/Emails/, as demonstrated using .php as the entire original name.

PHPMyAdmin Setup Config Remote Code Execution Exploit

Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 allows remote attackers to inject arbitrary PHP code into a configuration file via the save action.

RPT exploits ordering improvements

With this update, RPT will prioritize newer exploits when attacking a target.

Oracle GlassFish Server Administration Console Authentication Bypass Remote Code Execution Exploit

The Administration Console of Oracle GlassFish Server is prone to an authentication bypass vulnerability, which can be achieved by performing HTTP TRACE requests. A remote unauthenticated attacker can exploit this in order to execute arbitrary code on the vulnerable server.

Sophos AntiVirus PDF Key Lenght Vulnerability Exploit

A Buffer Overflow exist in Sophos Antivirus when parsing encrypted revision 3 PDF files by reading the encryption key contents onto a fixed length stack buffer.

Oracle Java JMX Remote Code Execution Exploit Update

The default Java security properties configuration does not restrict access to certain objects in the com.sun.jmx.mbeanserver packages. This flaw allows an unprivileged Java applet to escape the sandbox and execute arbitrary code on the target machine with the privileges of the current user. This update adds support for Mac OS X 10.7.4 (i386).