Learn Search

Search across all Learn content

SecPod Labs

Security Research

In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.

CVE-2014-1761: Zero-day vulnerability in Microsoft Word

CVE Research

CVE-2014-1761: Zero-day vulnerability in Microsoft Word

A zero-day vulnerability (CVE-2014-1761) in Microsoft Word is being exploited in the wild, which was discovered by the Google security team. A good vulnerability management software can prevent these attacks.

Mar 25, 2014 • 2 min read

BarracudaDrive Multiple XSS Vulnerabilities

CVE Research

BarracudaDrive Multiple XSS Vulnerabilities

SecPod Research Team member (Shakeel Bhat) has found Multiple Cross-Site Scripting Vulnerability in BarracudaDrive. The vulnerability is caused by improper validation of various parameter in various pages. This may allow an attacker to steal cookie-based authentication credentials, compromise the ap...

Mar 24, 2014 • 1 min read

Metasploit Module: Fitnesse Wiki Remote Command Execution

CVE Research

Metasploit Module: Fitnesse Wiki Remote Command Execution

SecPod Research Team member (Veerendra G.G) wrote Metasploit module for Fitnesse Wiki Remote Command Execution Vulnerability.

Mar 24, 2014 • 3 min read

Microsoft Security Bulletin Summary for March 2014

CVE Research

Microsoft Security Bulletin Summary for March 2014

Mar 10, 2014 • 2 min read

CVE-2014-2526: BarracudaDrive Multiple XSS Vulnerabilities

CVE Research

CVE-2014-2526: BarracudaDrive Multiple XSS Vulnerabilities

SecPod Research Team member (Prabhu S Angadi) has found Multiple Cross-Site Scripting Vulnerability in BarracudaDrive. The vulnerability is caused by improper validation of various parameters in various pages. This may allow an attacker to steal cookie-based authentication credentials, compromise th...

Mar 06, 2014 • 1 min read

CVE-2014-0322: Microsoft Internet Explorer 0-day Vulnerability.

CVE Research

CVE-2014-0322: Microsoft Internet Explorer 0-day Vulnerability.

A use-after-free vulnerability is present in Microsoft Internet Explorer 10 ( CVE-2014-0322 ), which allows remote attackers to execute arbitrary code.

Feb 26, 2014 • 2 min read

CVE-2013-5400: Analysis Of Authentication Bypass Vulnerability in IBM Platform Symphony

CVE Research

CVE-2013-5400: Analysis Of Authentication Bypass Vulnerability in IBM Platform Symphony

IBM Platform Symphony Developer Edition is a free software to develop and test High-performance computing (HPC) and Grid Computing SDK, which pool out your technical computing resources to run big data and/or compute-intensive problems. CVE-2013-5400 is an authentication bypass vulnerability in IBM ...

Feb 23, 2014 • 3 min read

CVE-2014-0502 : New Adobe Flash Player Zero-Day vulnerability

CVE Research

CVE-2014-0502 : New Adobe Flash Player Zero-Day vulnerability

Feb 23, 2014 • 3 min read

Microsoft Security Bulletin Summary for February 2014

CVE Research

Microsoft Security Bulletin Summary for February 2014

thirty-one individual vulnerabilities. Four Bulletins are classified as Critical and three as important. Using a vulnerability scanning tool.

Feb 11, 2014 • 2 min read