Remote Code Execution

Pierluigi Paganini January 28, 2015
Ghost Remote Code Execution Vulnerability scares the Linux community

The Linux GNU C Library (glibc) versions prior to 2.18 are affected by the GHOST remote code execution vulnerability present in the ‘gethostbyname’ function. A new critical vulnerability is threatening the Linux community, the flaw affects the glibc GNU C library. The vulnerability is present in all Linux systems dating back to 2000 and could […]

Pierluigi Paganini November 22, 2014
Windows Unicorn vulnerability exploited in the wild

Security companies have started detecting attacks that leverage a critical remote code execution (RCE) vulnerability in Windows, which Microsoft patched last week. On November 11th Microsoft has released that exploit the Unicorn (CVE-2014-6332) critical remote code execution vulnerability in Windows systems, which Microsoft patched on November 11th. The Unicorn vulnerability is addressed in one of the 14 security […]

Pierluigi Paganini September 20, 2014
Yahoo SQL Injection flaw allows Remote Code Execution and privileges scalation

The Egyptian hacker Ebrahim Hegazy has discovered a critical Yahoo SQL Injection flaw exploitable to Remote Code Execution and privilege escalation. My readers know very well the Egyptian hacker Ebrahim Hegazy, he is a great security expert and a friend of mine, which disclosed numerous critical flaws in most popular web services, including Microsoft, Yahoo and Orange. […]

Pierluigi Paganini September 18, 2014
Adobe issued critical security updates for Acrobat and Reader PDF

Adobe with a week of delay on the roadmap has released security updates to fix critical vulnerabilities in Acrobat and Reader PDF. Adobe has finally released critical security updates for its products Reader and Acrobat PDF software. The vulnerabilities fixed with these updates have been targeted by hackers in numerous cyber attacks worldwide. The security updates […]

Pierluigi Paganini July 17, 2014
Cisco Wireless Residential Gateway Remote Code Execution flaw

Multiple Cisco Wireless Residential Gateway products are affected by a critical flaw that could allow a remote attacker to hijack the devices. A security vulnerability affects multiple Cisco wireless residential Gateway products, the flaw resides on the web server an could be exploited by a remote attacker to hijack the network appliance. The flaw, ranked […]

Pierluigi Paganini July 16, 2014
OpenVPN Desktop client affected by a critical CSRF flaw

Researchers at SEC Consult have discovered a CSRF vulnerability in the OpenVPN Desktop Client that can allow remote code execution. Security researchers at SEC Consult have discovered a CSRF flaw in the OpenVPN Desktop client and promptly reported it to the company in May. OpenVPN Desktop Client for its Access Server is an SSL VPN for a variety […]

Pierluigi Paganini June 06, 2014
Microsoft issues the patch for the debated IE critical vulnerabilities

Microsoft has announced the official patch for the critical vulnerability discovered recently in the Internet Explorer. Microsoft has published the “Microsoft Security Bulletin Advance Notification for June 2014” in which are released seven security Bulletins addressing different vulnerabilities in the company’s products. The notification includes two critical Remote Code Execution vulnerabilities affecting the products Microsoft Windows, Internet Explorer, MS […]

Pierluigi Paganini April 15, 2014
Flickr affected by critical SQL Injection and Remote Code Execution bugs

The security expert Ibrahim Raafat discovered critical SQL injection vulnerabilities in Flickr Photo Books which allow attackers to gain complete control of the server and its database. The giant of online photo management and sharing Flickr, a Yahoo-owned company, was affected by critical vulnerabilities which allow attackers to gain access to the webserver website database. The alarming discovery […]

Pierluigi Paganini April 09, 2014
BlackBerry 10 affected by a remote code execution vulnerability

BlackBerry issued an alert on a remote code execution vulnerability in qconnDoor service that affects BlackBerry 10 smartphones. A recent BlackBerry Security Advisory informed users of the existence of a remote code execution vulnerability (CVE-2014-1468) that affect BlackBerry 10 smartphone running OS versions earlier than version 10.2.0.1055. As described in the advisory the attackers could exploit the vulnerability sending […]

Pierluigi Paganini March 25, 2014
Another zero-day vulnerability is threatening the Microsoft world

Microsoft issued a security advisory for the presence of a zero-day vulnerability in Microsoft Word products which allows a remote code execution. Another zero-day vulnerability is threatening the Microsoft world, the news was issued by Microsoft through an official security advisory (CVE-2014-1761). The vulnerability is present in Microsoft Word product, it allows a remote code execution that can […]