Other | MyAntiSpyware - Part 2

MyAntiSpyware

Found vulnerability in the Firefox built-in popup blocker

Myantispyware team February 7, 2007 No Comment Exploits & Vulnerabilities

This vulnerability, coupled with an additional trick, allows the attacker to read arbitrary user-accessible files on the system, and thus steal some fairly sensitive information. Vulnerable Systems: Firefox version 1.5.0.9 For security reasons, Firefox does not allow Internet-originating websites to access the file:// namespace. When the user chooses to manually allow a blocked popup however,

Read more »
Found new vulnerability in the Internet Explorer / how to protect

Myantispyware team October 2, 2006 No Comment Exploits & Vulnerabilities

Found new vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to an error in the Windows Shell and is exposed via the “setSlice()” method in the WebViewFolderIcon ActiveX control (webvw.dll). This can e.g. be exploited via Internet Explorer by a malicious website

Read more »
How to block VML exploit

Myantispyware team September 20, 2006 No Comment Exploits & Vulnerabilities, Tips, Tutorials - HowTo

Some days ago has been found new Zero day exploit. The exploit uses a bug in VML in Internet Explorer to overflow a buffer and inject shellcode. It is currently on and off again at a number of sites. Secunia reported: The vulnerability is caused due to a boundary error in the Microsoft Vector Graphics

Read more »
Found new Internet Explorer Vulnerability

Myantispyware team August 31, 2006 No Comment Exploits & Vulnerabilities

Found Internet Explorer (daxctle.ocx) Heap Overflow Vulnerability. When Internet Explorer handle DirectAnimation.PathControl COM object(daxctle.ocx) Spline method, Set the first parameter to 0xffffffff will triggers an invalid memory write, That an attacker may DoS and possibly could execute arbitrary code. Affected windows version: Windows 2000 Windows XP Windows 2003 Windows users.. check out Firefox, Opera, and

Read more »
Java extremely important update

Myantispyware team August 30, 2006 No Comment Updates

Sun has released a fresh update for Java Runtime Environment. This is an extremely important update. JRE has long been used to install malware as it contains numerous vulnerabilities which allow remote code execution. Another important factor is that JRE works with all web browsers. This means that a vulnerability in JRE will affect all

Read more »
Exploits for new microsoft vulnerabilities available

Myantispyware team July 24, 2006 No Comment Critical patch, Exploits & Vulnerabilities

Internet Storm Center reported about available exploit code for MS06-034, MS06-035, and MS06-036. If you haven’t already patched for these vulnerabilities you should take immediate action. MS06-034 – unchecked IIS buffer vulnerability in ASP files processing This patch fixes what seems to be a buffer overflow in IIS. This buffer overflow can be exploited when

Read more »
New way – Exploiting over distiance

Myantispyware team July 10, 2006 No Comment Exploits & Vulnerabilities

An ISC reader pointed out this relatively new exploit vector. At the upcoming BlackHat conference, a duo is going to demonstrate hacking WiFi device drivers to assume control of a target machine. The two researchers used an open-source 802.11 hacking tool called LORCON (Loss of Radio Connectivity) to throw an extremely large number of wireless

Read more »
OpenOffice.org fixes three security vulnerabilites

Myantispyware team June 30, 2006 No Comment Exploits & Vulnerabilities

OpenOffice.org 2.0.3 fixes three security vulnerabilites that have been found through internal security audits. Although there are currently no known exploits, They urge all users of 2.0.x prior to 2.0.2 to upgrade to the new version or install their vendor’s patches accordingly. Patches for users of OpenOffice.org 1.1.5 will be available shortly. The three vulnerabilities

Read more »
Found new vulnerability in Microsoft Excel

Myantispyware team June 16, 2006 No Comment Exploits & Vulnerabilities

ISC and Microsoft reported about new vulnerability in Microsoft Excel. Also found exploit using the vulnerability for install malware. Now Symantec can to detect this attack. Trojan.Mdropper.J is a Trojan horse that drops Downloader.Booli.A on the compromised computer. It exploits an undocumented vulnerability in Microsoft Excel. The Symantec website also reports … Downloader.Booli.A may arrive

Read more »
Update your systems

Myantispyware team June 14, 2006 No Comment Critical patch

Microsoft released twelve updates addressing various issues yesterday. There are several for different flavors of Windows and IE, and others for Word (MS06-027), PowerPoint (MS06-028), and Media Player 10 (MS06-024).The patch for Word fixes an issue that was found in May. Make update soon. ISC reported about newly released exploits for these vulnerabilities. Here a

Read more »

Previous
1
2
3
…
9
10
Next