•Dassault Systèmes collaborated with SATS, Asia’s leading food solutions and gateway services provider, to boost operational efficiency, minimize food waste •Growth in airline passenger travel underscores need for sustainable excellence in aerospace industry-related commercial services •Digital twin experience with the 3DEXPERIENCE platform bridges the gap between the virtual and real for in-flight catering production

•Annual event in Shanghai gathers global decision-makers to discuss digital trends, insights and best practices for sustainable manufacturing in the Industry Renaissance •Speakers include thought leaders from ABB, Accenture, China Center for Information Industry Development, FAW Group Corporation, Huawei, IDC, SATS •Interactive workshops featuring the 3DEXPERIENCE platform highlight the transformative role of virtual worlds on the creation of new customer experiences

The HtmlHelp application (hh.exe) in Microsoft windows read a value from a .CHM file to set a length parameter. By setting this to a large value, it is possible to overwrite sections of the heap with attacker supplied values. Affected software includes: Microsoft Windows 98, 98SE, ME, Microsoft Windows NT 4.0, Microsoft Windows 2000 Service Pack 4, Microsoft Windows XP, Microsoft Windows XP Service Pack 1, Microsoft Windows Server 2003.

Multiple Microsoft Windows 98/ME/2000/XP/2003 HTML Help file loading hijack vulnerabilities exist. Proof of concept included.

ASP.NET Core version 5.-RC1 suffers from an HTTP header injection vulnerability.

The ZeroNights 2019 Call For Papers has been announced. It will be held in Saint-Petersburg, Russia November 12th through the 13th, 2019.

The Great War: Linux -vs- Minix

The CA BrightStor Discovery Service overflow exploit is a perl module exploits a vulnerability in the CA BrightStor Discovery Service which occurs when a large request is sent to UDP port 41524, triggering a stack overflow. Targets include Win32, win2000, winxp, and win2003. More information available here.

CA BrightStor Discovery Service SERVICEPC Overflow for Win32, win2000, winxp, and win2003 which exploits a vulnerability in the TCP listener on port 45123. Affects all known versions of the BrightStor product. More information available here.

jQuery versions prior to 3.5 suffer from an html() cross site scripting vulnerability.

This exploit leverages both invalid typecast and memory disclosure vulnerabilities in Microsoft Silverlight 5 in order to achieve code execution. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program. Google flags this as malware so only use this if you know what you are doing. The password to unarchive this zip is the word "infected".

Microsoft Silverlight 5 suffers from invalid typecast and memory disclosure vulnerabilities that, when leveraged together, allow for arbitrary code execution. A memory disclosure vulnerability exists in the public WriteableBitmap class from System.Windows.dll. This class allows reading of image pixels from the user-defined data stream via the public SetSource() method. BitmapSource.ReadStream() allocates and returns byte array and a count of array items as out parameters. These returned values are taken from the input stream and they can be fully controlled by the untrusted code. When returned "count" is greater than "array.Length", then data outside the "array" are used as input stream data by the native BitmapSource_SetSource() from agcore.dll. Later all data can be viewed via the public WriteableBitmap.Pixels[] property. Exploitation details related to these findings were purchased through the Packet Storm Bug Bounty program.

A bug exists in the PalmOS httpd that causes a crash with a "Fatal Error". Full exploit included.

Create-Project Manager version 1.07 suffers from cross site scripting and html injection vulnerabilities.

IPhone TreasonSMS suffers from html injection and file inclusion vulnerabilities.