what you don't know can hurt you
Showing 1 - 1 of 1 RSS Feed

Files

Zero Day Initiative Advisory 10-087
Posted May 12, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-087 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Shockwave. User interaction is required in that a target visit a malicious website. The specific flaw exists within the code responsible for parsing Director files. The vulnerable function is exported as an ordinal from the iml32.dll module. Ordinal 1409 trusts a value from the file as an offset and updates pointers accordingly. By crafting a large enough value and seeking the file pointer past the end of a buffer this can be abused to corrupt heap memory. An attacker can abuse this to execute arbitrary code under the context of the user running the browser.

tags | advisory, remote, arbitrary
advisories | CVE-2010-1281
MD5 | bb1b60f2bd46c566ed9a3c3e4a15d36c
Page 1 of 1
Back1Next

Top Authors In Last 30 Days

Recent News

News RSS Feed
US Stopped Using Floppy Disks To Manage Nuclear Weapons Arsenal
Posted Oct 19, 2019

tags | headline, government, usa, military
Zappos Offers Users 10% Discount In 2012 Breach Settlement
Posted Oct 18, 2019

tags | headline, hacker, privacy, data loss, identity theft
Cryptocurrency Execs Charged With Running $11 Million Ponzi Scheme
Posted Oct 18, 2019

tags | headline, bank, cybercrime, fraud, cryptography
How The Wheels Came Off Facebook's Libra Project
Posted Oct 18, 2019

tags | headline, government, bank, facebook, social, cryptography
Samsung Bug Allows Any Fingerprint To Unlock Phones
Posted Oct 18, 2019

tags | headline, phone, flaw, password, samsung
Dancho Danchev Launches New Uncle George Initiative
Posted Oct 17, 2019

tags | headline, hacker, cybercrime, fraud
Oracle Patches 218 Security Vulnerabilities
Posted Oct 17, 2019

tags | headline, database, flaw, patch, oracle
SHIELD Act Passes Committee
Posted Oct 17, 2019

tags | headline, government, usa, fraud
Cozy Bear Is Back In Action Again
Posted Oct 17, 2019

tags | headline, government, usa, russia, fraud, cyberwar, facebook, social
Cybercrime Tool Prices Bump Up In Dark Web Markets
Posted Oct 17, 2019

tags | headline, hacker, cybercrime, fraud
View More News →
packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close