Social-Engineer Toolkit (SET) v7.7 “Blackout” Released

TrustedSec is proud to announce a major release of the Social-Engineer Toolkit (SET) v7.7. This version incorporates support for hostnames in the HTA attack vector, and a redesigned Java Applet attack vector. Java is still widely used in corporations and with a valid code signing certificate can be one of the easiest ways to get […]

Link: https://www.trustedsec.com/blog/social-engineer-toolkit-set-v7-7-blackout-released/

Potrace 1.12 image Overflow Vulnerability

Heap-based buffer overflow in the bm_readbody_bmp function in bitmap_io.c in potrace before 1.13 allows remote attackers to have impact via a crafted BMP image.

Link: http://www.securiteam.com/securitynews/5KP311FM1Q.html

Oracle MySQL Enterprise Monitor 3.1.3.7856 Remote Code Execution Vulnerability

Oracle MySQL Enterprise Monitor is prone to a remote code-execution vulnerability. A remote attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.

Link: http://www.securiteam.com/securitynews/5JP301FM1E.html

Oracle iStore 12.1.1 critical data Remote Code Execution Vulnerability

Oracle iStore is prone to a remote code-execution vulnerability. A remote attacker can exploit this issue to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts may result in a denial-of-service condition.

Link: http://www.securiteam.com/securitynews/5XP2Y1FM1E.html