Brandon

Members
  • Content Count

    550
  • Joined

  • Last visited

Everything posted by Brandon

  1. Wow..Didnt know any of them...
  2. Story published by Secunia Source: Peter Vreugdenhil Peter Vreugdenhil has reported a vulnerability in McAfee SecurityCenter, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to an error in restricting the browser domain in which the "mcinsctl.dll" ActiveX control can be instantiated. The control contains the "MCINSTALL.McLog" object that can be used to write to a log file. This can be exploited to create or append to arbitrary files, potentially allowing arbitrary code execution by creating files in the user's startup fo
  3. Story published by Secunia Source: Alex Wheeler Alex Wheeler has reported a vulnerability in Symantec AntiVirus, which potentially can be exploited by malicious people to compromise a vulnerable system. The vulnerability is caused due to a boundary error in Dec2Rar.dll when copying data based on the length field in the sub-block headers of a RAR archive. This can be exploited to cause a heap-based buffer overflow and may allow arbitrary code execution when a malicious RAR archive is scanned. The vulnerability has been reported in Dec2Rar.dll version 3.2.14.3 and potentially affects all Symante
  4. Happy Birthday Samjo Have a great day..
  5. Story published by Websense Security Labs Source: Websense Security Labs Websense Security Labs is seeing a large increase in the number of websites and emails that use deception and/or browser vulnerabilities to install potentially unwanted software. The common theme among these threats is the use lures of possible spyware infections on your machine. In some cases, the scam actually reports fraudulent information regarding the security of your PC. In many cases they also request money in return for cleaning the outlined security problems (we have seen as much as $500 per year). Over the las
  6. Seems too cover the basic stuff, nice find
  7. Story published by Secunia Source: Maksymilian Arciemowicz Maksymilian Arciemowicz has discovered a security issue in phpBB, which can be exploited by malicious people to conduct script insertion attacks. Input passed in the message body when posting isn't properly sanitised before being used. This can be exploited to inject arbitrary JavaScript code, which will be executed in a user's browser session in context of an affected site when the malicious post is viewed. Example: <B C=">" onmouseover=" " X="<B "> H E L O </B>Successful exploitation requires that "Allow HTML" is en
  8. Happy Birthday naraku9333 Have a great day..
  9. Happy Birthday Bozodog & Pandy Have a great day..
  10. A security issue has been reported in Trend Micro PC-cillin Internet Security, which can be exploited by malicious, local users to bypass certain security restrictions or gain escalated privileges. The vulnerability is caused due to insecure default file permissions being set on the installed files. This allows any user on the system to remove the files or replace them with malicious binaries. Successful exploitation allows disabling the protection or execution of arbitrary code with SYSTEM privileges. The security issue has been reported in Trend Micro PC-cillin Internet Security 2005 version
  11. Happy Birthday Screi Have a great day..
  12. Websense® Security Labs™ has received reports of an email scam disguised as a patch for McAfee products. Users receive a spoofed email message instructing them to click on a link to immediately download and install a patch from McAfee. This patch claims to address a virus that does not exisit. The link in the email takes users to a fraudulent website, that appears to be the legitimate McAfee security site. The patch hosted on this page is actually a Trojan downloader. The malicious site is hosted in the United States and was online at the time of this alert. Alert
  13. Brandon

    Handy Tool

    Cool could be useful..
  14. Happy Birthday therock247uk Have a great day..