Iss - iss.net
General Information:
Latest News:
Microsoft Internet Explorer Sandbox Bypass 18 Jul 2013 | 09:00 am
The Microsoft Internet Explorer sandbox (Protected Mode and Enhanced Protected Mode) has a vulnerability which allows code running in the sandbox to evade the elevation policy check which could result...
Microsoft Office vulnerability could allow remote code execution 11 Jun 2013 | 09:00 am
A remote code execution vulnerability exists in the way that Microsoft Office parses PNG files in specially crafted Office files.
Microsoft Vulnerability in HTTP.sys Could Allow Denial of Service 15 May 2013 | 09:00 am
A vulnerability exists in Microsoft Windows Server 2012 and Microsoft Windows 8 that if exploited successfully will cause denial of service.
Microsoft Internet Explorer Use After Free Vulnerability 15 May 2013 | 09:00 am
There is a use-after-free vulnerability affecting Microsoft Internet Explorer 8 (only ). The vulnerability came to light when it was used in a watering hole attack after a breach of a US Department of...
Apache/Lighthttpd/nginx Backdoor / Linux.Cdorked 15 May 2013 | 09:00 am
Backdoors on Apache, Lighthttpd and nginx servers have been discovered in the wild which have been observed distributing links to the Blackhole exploit kit.
Adobe Flash Player for Firefox Sandbox Bypass 27 Feb 2013 | 10:00 am
The sandbox feature of Adobe Flash Player for Firefox has a buffer overflow vulnerability which could result in privilege escalation. ADVISORY NOTE: Due to the nature of this vulnerability, IBM X-Forc...
Oracle Java Runtime Environment JMX code execution 26 Feb 2013 | 10:00 am
Malware has been seen in the wild which combines and exploits two vulnerabilities in Java to execute arbitrary code. One of the vulnerabilities is in the implementation of certain classes in the packa...
Microsoft Windows XML Core Services Could Allow Remote Code Execution 10 Jul 2012 | 12:00 pm
Microsoft Windows could allow a remote attacker to execute arbitrary code on the system, caused by an error in XML Core Services (MSXML) when attempting to access an object in memory that has not been...
PHP CGI configurations code execution 12 Jun 2012 | 12:00 pm
PHP versions before 5.3.12 and 5.4.2 may be affected by a vulnerability that allows command injection in the context of the web server process.
Microsoft Windows TrueType code execution 8 May 2012 | 04:00 pm
A vulnerability exists in code responsible for parsing TrueType fonts in Microsoft Windows' win32k.sys kernel module.