Multiple security issues have been found in the Mozilla Firefox web
browser, which could potentially result in the execution of arbitrary
code or clickjacking.
Category Archives: Advisories
DSA-5690-1 libreoffice – security update
Amel Bouziane-Leblond discovered that LibreOffice’s support for binding
scripts to click events on graphics could result in unchecked script
execution.
DSA-5689-1 chromium – security update
A security issue was discovered in Chromium, which could result
in the execution of arbitrary code, denial of service or information
disclosure. Google is aware that an exploit for CVE-2024-4761 exists
in the wild.
DSA-5692-1 ghostscript – security update
Multiple security issues were discovered in Ghostscript, the GPL
PostScript/PDF interpreter, which could result in denial of service and
potentially the execution of arbitrary code if malformed document files
are processed.
Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for arbitrary code execution.
Adobe Acrobat is a family of application software and Web services used to view, create, manipulate, print and manage Portable Document Format (PDF) files.
Adobe Substance3D Painter is a 3D painting software that allows users to texture and add materials directly to 3D meshes in real-time.
Adobe Substance3D Designer is a 3D design software that generates textures from procedural patterns inside node-based graphs.
Adobe Aero is a cross platform solution that enables creatives with no coding and mininmal 3D experience to design, share, and view interactive augmented reality experiences.
Adobe FrameMaker lets you create structured or template-based documents, review and collaborate with multiple content management systems and publish to a multitude of devices.
Adobe Dreamweaver is a proprietary web development tool.
Adobe Illustrator is a vector graphics editor and design software.
Adobe Animate is used to create vector graphics and interactive content.
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights
SEC Consult SA-20240513-0 :: Tolerating Self-Signed Certificates in SAP® Cloud Connector
Posted by SEC Consult Vulnerability Lab via Fulldisclosure on May 14
SEC Consult Vulnerability Lab Security Advisory < 20240513-0 >
=======================================================================
title: Tolerating Self-Signed Certificates
product: SAP® Cloud Connector
vulnerable version: 2.15.0 – 2.16.1 (Portable and Installer)
fixed version: 2.16.2 (Portable and Installer)
CVE number: CVE-2024-25642
impact: high
homepage:…
TROJANSPY.WIN64.EMOTET.A / Arbitrary Code Execution
Posted by malvuln on May 14
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/f917c77f60c3c1ac6dbbadbf366ddd30.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: TrojanSpy.Win64.EMOTET.A
Vulnerability: Arbitrary Code Execution
Description: The malware looks for and executes a x64-bit “CRYPTBASE.dll”
PE file in its current directory. Therefore, we can hijack the DLL and
execute our own…
BACKDOOR.WIN32.ASYNCRAT / Arbitrary Code Execution
Posted by malvuln on May 14
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/2337b9a12ecf50b94fc95e6ac34b3ecc.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Backdoor.Win32.AsyncRat
Vulnerability: Arbitrary Code Execution
Description: The malware looks for and executes a x32-bit “CRYPTSP.dll” PE
file in its current directory. Therefore, we can hijack the DLL and execute
our own…
Re: Panel.SmokeLoader / Cross Site Request Forgery (CSRF)
Posted by malvuln on May 14
Updated and fixed a payload typo and added additional info regarding the
stored persistent XSS see attached.
Thanks, Malvuln
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source: https://malvuln.com/advisory/4b5fc3a2489985f314b81d35eac3560f_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Panel.SmokeLoader
Vulnerability: Cross Site Request Forgery (CSRF) – Persistent XSS
Family: SmokeLoader…
Panel.SmokeLoader / Cross Site Request Forgery (CSRF)
Posted by malvuln on May 14
Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024
Original source:
https://malvuln.com/advisory/4b5fc3a2489985f314b81d35eac3560f_B.txt
Contact: malvuln13 () gmail com
Media: twitter.com/malvuln
Threat: Panel.SmokeLoader
Vulnerability: Cross Site Request Forgery (CSRF)
Family: SmokeLoader
Type: Web Panel
MD5: 4b5fc3a2489985f314b81d35eac3560f (control.php)
SHA256: 8d02238577081be74b9ebc1effcfbf3452ffdb51f130398b5ab875b9bfe17743
Vuln…