exploit the possibilities
Showing 1 - 1 of 1 RSS Feed

Files

Adobe Shockwave Director rcsL Chunk Pointer Offset Remote Code Execution
Posted Aug 26, 2010
Authored by Aaron Portnoy, Logan Brown | Site dvlabs.tippingpoint.com

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave Player. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the code responsible for parsing the Director RIFF based file format. While handling the rcsL chunk, code within DIRAPIX sign-extends a return value from a call to Ordinal1412 within the IML32X module. This ordinal is responsible for unmarshalling a WORD value from the RIFF chunk. If the value is signed, DIRAPIX sign-extends the value, performs arithmetic on it, and then proceeds to use it as an offset into a heap-based buffer. By supplying any of a specific range of values, an attacker can exploit this condition to execute arbitrary code under the context of the user running the web browser.

tags | advisory, remote, web, arbitrary
advisories | CVE-2010-2867
MD5 | 96d9afaf64e2fd149b9f8514366fefeb
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
U.S. Intelligence Says Huawei Funded By Chinese State Security
Posted Apr 20, 2019

tags | headline, government, usa, china, cyberwar, spyware, backdoor
Marcus Hutchins Pleads Guilty To Two Counts Of Banking Malware Creation
Posted Apr 20, 2019

tags | headline, hacker, government, malware, bank, usa, britain
Ransomware Ravages Municipalities Nationwide This Week
Posted Apr 20, 2019

tags | headline, government, malware, cybercrime, fraud
Facebook Fights To Shield Zuckerberg In US Privacy Probe
Posted Apr 20, 2019

tags | headline, government, privacy, usa, data loss, fraud, facebook, social
Weather Channel Knocked Off-Air In Dangerous Precedent
Posted Apr 19, 2019

tags | headline, denial of service
Facebook Security Lapse Affects Millions More Instragram Users Than First Stated
Posted Apr 19, 2019

tags | headline, privacy, data loss, password, facebook, social
Unexpected Security Feature In Microsoft Edge Subverts IE Security
Posted Apr 19, 2019

tags | headline, microsoft, flaw
Mueller Report Dives Into Russia And Trump
Posted Apr 19, 2019

tags | headline, government, usa, russia, fraud, fbi
State-Sponsored DNS Hijacking Infiltrates 40 Firms Globally
Posted Apr 18, 2019

tags | headline, hacker, government, dns, cyberwar
EA Origin Client Bug Allows Threat Actors To Run Remote Code
Posted Apr 18, 2019

tags | headline, flaw
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close