Published Vulnerabilities

Sun
06
Oct

Apple iOS 7.0.1 & 7.0.2 - Sim Lock Screen Display Bypass

Since the new iOS v7.0 got discovered, our team already discovered in january a secound local pass code bypass vulnerability in the iOS 6.1 & 6.2. This month we discover a new issue in the iOS v7.0.1 & v7.0.2 vulnerability. The issue affects the screen display mode when the sim card is locked by the iPhone or iPad device. At the end was able to bypass the locked screen display which is regular disabled.

The security vulnerability allows local attackers to bypass a restricted section of the phone application. The vulnerability is located in the iOS v7.0.1 & v7.0.2 when the `sim locked` mode is activated. The local attacker can redirect to the regular standard unlocked mode by using restricted functions with an unlock/ok popup box, calender hyper link + shutdown & home button.

Mon
05
Aug

Microsoft Yammer – OAuth Bypass & Token Vulnerability

Microsoft Yammer – OAuth Bypass & Token Vulnerability

At 2013-07-31 we got the info mail of the microsoft security response center regarding a submission of july. The advisory and security vulnerability report has been written by Ateeq Khan a new member of the vulnerability laboratory core research team. Ateeq's location is pakistan and he is a well known security researcher and penetration tester. The vulnerability report of Ateeq Khan is about a new remote oauth bypass vulnerability in the microsoft yammer social network online-service web application.

Pages

Subscribe to RSS - Published Vulnerabilities