Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allow attackers to bypass intended access restrictions and perform a transition from Low Integrity to Medium Integrity via unspecified vectors, a different vulnerability than CVE-2015-4446 and CVE-2015-5106.
Spring Boot Framework 1.2.7 provides a default error page (also known as the "Whitelabel Error Page") that is prone to Spring Expression Language injection when a parameter is expected to be of a non-string type but a string is provided. Applications based on Spring Boot that don't deactivate the feature, or customize it in such a way as to stop the injection, are thus susceptible to execution of some Java statements and, in particular, to OS command injections.



This module checks all the parameters in the given pages and, if at least one parameter is vulnerable to the injection, installs an OS Agent.
Previously, the APC mechanism used to inject the agent into another process relied on an exe file written to the filesystem. This file could potentially be detected by an AV. For this reason, its execution was changed to run from memory (using Impact's Dynamic Forking mechanism).
Jenkins is prone to a remote vulnerability due to deserialization of untrusted inputs, allowing attackers to instantiate arbitrary Java objects leading to remote code execution.



This update adds the proper CVE number, support for Jenkins with HTTPS enabled, and DNS channel support. It also extends the supported platforms, improves IPv6 functionality and removes redundant code.