CakePHP version 3.0.5 suffers from server-side request forgery attacks that can cause a denial of service condition.
884781604e0f231e38b3b0939d779f308df6b316c6f28e028451352741412abeThis whitepaper focuses on a method of stealing data as a client side script's identifier (variable or function name). The author describes these attack techniques / browser vulnerabilities and then discuss countermeasures for these issues.
8bfa6b14e13a3f906c5514c4e8df9d61d08c0fdbec7c3caccf3b7b25358569b0Firefox for Android versions prior to 24 suffer from a same-origin bypass vulnerability via symbolic links.
3a942520517c20e308519b9afe21ca2358a820d16f116fa1c7d936f24bb9491bStruts2 suffers from an OGNL injection vulnerability that allows for redirection. Versions 2.0.0 through 2.3.15 are affected.
8dd8aee0be9f1818cac60e7eaadec5a677b61944590e6c481865994fb69abbf0CakePHP versions 2.3.7 and 2.2.8 suffer from a local file inclusion vulnerability.
92c71209b2cf74bbca5dffab287435b8882d6cd95365ae3008c5330a8b79f357Struts2 suffers from an open redirection vulnerability. Versions 2.0.0 through 2.3.15 are affected.
8e587d23a0336a32690f4388769b814ac267b69bb258b88ffb28d65bb7e874dcThe Struts 2 DefaultActionMapper supports a method for short-circuit navigation state changes by prefixing parameters with "action:" or "redirect:", followed by a desired navigational target expression. This mechanism was intended to help with attaching navigational information to buttons within forms. In Struts 2 before 2.3.15.1 the information following "action:", "redirect:" or "redirectAction:" is not properly sanitized. Since said information will be evaluated as OGNL expression against the value stack, this introduces the possibility to inject server side code. This Metasploit module has been tested successfully on Struts 2.3.15 over Tomcat 7, with Windows 2003 SP2 and Ubuntu 10.04 operating systems.
c240d5878f508b714bf5ceed219b636cd035393594292bf01d990b95dae4b372The LoginActivity of the Facebook for Android application has an improper intent handling flaw that allows for malicious Android applications to perform private file theft. Version 1.8.2 was released to address this vulnerability.
bfd6840f9cf9dfaa8007ee516aa404c4986914448f276af4a47c918238fb498dSymbolic links can be used for spoofing Content-Type of local files and this enables malicious Android applications the ability to steal Chrome's cookie file. Version 18.0.1025308 was released to address this vulnerability.
20dd3d870f049909a9ad1c797062381c1dafee9065f6baad9f3348dc65d0e398Chrome for Android's Same-Origin Policy for local files (file: URI) can be bypassed by using symbolic links. It results in theft of Chrome's private files by malicious Android applications. Version 18.0.1025308 was released to address this vulnerability.
31b4f82055384f1f95a84986da35e99a7077219bca1316b3a7026760d9c6556aBy abusing Java objects exposed to JavaScript, malicious web pages can execute arbitrary commands on Chrome for Android, if the accessibility setting of the device is enabled. Version 18.0.1025308 was released to address this vulnerability.
95e692ac40350a557feb45c1ae2225015502f27f4e789618b992e21f7de06b96Chrome for Android suffers from an issue where a malicious application has the ability to steal private information. Version 18.0.1025308 was released to address this vulnerability.
d32b410ecbaee0bf30696c5cc4ecfbba670e0931bde59217b08a9f1e54df5589Chrome for Android suffers from a universal cross site scripting vulnerability via com.android.browser.application_id. Version 18.0.1025308 was released to address this vulnerability.
c81f58fce093180e26cfa2cc77ccdcaf789da62cd74bdb5fa8948d858c2f5c2f
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed