HP Managed Printing Administration jobAcct Remote Command Execution
27 July 2013
Directory traversal vulnerability in the MPAUploader.Uploader.1.UploadFiles method in HP Managed Printing Administration before 2.6.4 allows remote attackers to create arbitrary files via crafted form data.
CVSS v2 Base Score: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Brian Honan, CEO at BH Consulting, talks about a recent vulnerability disclosure trend – a trend that he believes may ultimately cause more harm than good: security vendors using vulnerability disclosure as a marketing tool with the goal of enhancing their company’s bottom line.
Attacks on the IoT can sound like the stuff of a movie thriller, but they are very real. The highly skilled and organized cybercriminals of today have the potential to tamper with a car’s firmware to kill its brakes.
Dyre's primary goal is to harvest victims' online credentials, and it's capable of doing this by mounting Man-in-the-Browser attacks against the three most commonly used Windows browsers: Internet Explorer, Firefox, and Chrome.