Showing 1 - 25 of 306

Files from mjurczyk

Email address: mjurczyk at google.com
First Active: 2015-08-19
Last Active: 2022-01-13

Apple ColorSync Out-Of-Bounds Read
Posted Jan 13, 2022
Authored by Google Security Research, mjurczyk

Apple ColorSync suffers from out-of-bounds read vulnerabilities due to integer overflows in curve table initialization.

tags | exploit, overflow, vulnerability
systems | apple
advisories | CVE-2021-30942
SHA-256 | 55736f35713879a403e9db74f555530baf0f44d465185f687162ed25742170f4
Apple ColorSync CMMNDimLinear::Interpolate Uninitialized Memory
Posted Nov 24, 2021
Authored by Google Security Research, mjurczyk

Apple ColorSync suffers from a use of uninitialized memory in CMMNDimLinear::Interpolate.

tags | exploit
systems | apple
advisories | CVE-2021-30917
SHA-256 | c6e92780fc2927adc2e9e480e3f3df311d03eb907303e5535429ca81152d95f9
Adobe Reader CoolType Arbitrary Stack Manipulation
Posted Mar 18, 2021
Authored by Google Security Research, mjurczyk

Adobe Reader suffers from a CoolType arbitrary stack manipulation vulnerability.

tags | exploit, arbitrary
advisories | CVE-2021-21086
SHA-256 | e6703e4405ade1d03a75e4857bf44ec5bae3db2765b274db11f9a3907aaa8cda
Microsoft Windows Kernel NtGdiGetDeviceCapsAll Race Condition / Use-After-Free
Posted Mar 12, 2021
Authored by Google Security Research, mjurczyk

Microsoft Windows kernel suffers from a use-after-free of the PDEVOBJ object via a race condition vulnerability in NtGdiGetDeviceCapsAll.

tags | exploit, kernel
systems | windows
advisories | CVE-2021-26863
SHA-256 | bb85729e5392cb276b101d5c3546a158cfd681c68133d999f6aeb0d73a9eba5b
Microsoft DirectWrite fsg_ExecuteGlyph Buffer Overflow
Posted Feb 26, 2021
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite suffers from a heap-based buffer overflow vulnerability in fsg_ExecuteGlyph while processing variable TTF fonts.

tags | exploit, overflow
advisories | CVE-2021-24093
SHA-256 | 8081b53b0d195e1dda179eb5d68655b804a5f0537401864ffad8e16293222683
Apple Safari Remote Code Execution
Posted Feb 5, 2021
Authored by Google Security Research, mjurczyk

Apple Safari is susceptible to a remote code execution vulnerability via an undefined othersubr in Type 1 fonts handled by libType1Scaler.dylib on macOS and iOS.

tags | exploit, remote, code execution
systems | apple, ios
advisories | CVE-2020-27930
SHA-256 | ee0df6f67552aebe8e8c91b5e13e7a4dc6342b9e701c512f4847cf4f5b91f7cc
Samsung Android Skia Qmage Image Codec Heap Buffer Overflow
Posted Aug 17, 2020
Authored by Google Security Research, mjurczyk

Samsung Android suffers from a heap buffer overflow vulnerability and other issues in the Skia Qmage image codec.

tags | exploit, overflow
SHA-256 | 8278d045827b4eff29f2172dbc3aedcdd9b26834e1eb56fe5b93c3a49113d8f1
Adobe DNG SDK Memory Corruption
Posted May 12, 2020
Authored by Google Security Research, mjurczyk

Adobe DNG SDK suffers from memory corruption and other crashes caused by malformed .dng images.

tags | exploit
SHA-256 | 5e0cb4cf3dda82ee681cc340b6ee9c3fd167c5e730a49ac40effd6914c779db6
Adobe DNG SDK dng_lossless_decoder::DecodeImage Out-Of-Bounds Read
Posted May 12, 2020
Authored by Google Security Research, mjurczyk

Adobe DNG SDK suffers from an out-of-bounds read that can lead to an arbitrary write vulnerability in dng_lossless_decoder::DecodeImage.

tags | exploit, arbitrary
SHA-256 | 10f9d909a875c4ab314d16a0b9077d0dc02afff41825b02a198cf4fd6e780afd
Samsung Android Remote Code Execution
Posted May 8, 2020
Authored by Google Security Research, mjurczyk

Samsung Android suffers from multiple interaction-less remote code execution vulnerabilities as well as other remote access issues in the Qmage image codec built into Skia.

tags | exploit, remote, vulnerability, code execution
advisories | CVE-2020-8899
SHA-256 | 8320966018d4b52176f05a64a93fb6afca4e855a819b53c26fc977897451134d
Adobe Acrobat Reader DC For Windows Memory Corruption
Posted Dec 11, 2019
Authored by Google Security Research, mjurczyk

Adobe Acrobat Reader DC for Windows suffers from a heap-based memory corruption vulnerability due to malformed TTF font handling.

tags | exploit
systems | windows
advisories | CVE-2019-16451, CVE-2019-8042
SHA-256 | 52720aca1bb25855bea6b8110f4ef0a7ad452669bb3fa7ac468a9e7eb6917fce
Adobe Acrobat Reader DC For Windows Malformed OTF Font Uninitialized Pointer
Posted Nov 11, 2019
Authored by Google Security Research, mjurczyk

An issue exists where Adobe Acrobat Reader DC for Windows makes use of an uninitialized pointer due to a malformed OTF font (CFF table).

tags | exploit
systems | windows
advisories | CVE-2019-8196
SHA-256 | b1bf04c65ad437b01024526bb2275ef06a48d4d1c4c8b6baad74ee018c6781cb
Adobe Acrobat Reader DC For Windows Malformed JBIG2Globals Stream Uninitialized Pointer
Posted Nov 11, 2019
Authored by Google Security Research, mjurczyk

An issue exists where Adobe Acrobat Reader DC for Windows makes use of an uninitialized pointer due to a malformed JBIG2Globals stream.

tags | exploit
systems | windows
advisories | CVE-2019-8195
SHA-256 | b4c1c4616f1b47202c87a8e7a745b41ef182efc413e1bb3ef7d20c5851e0f314
Adobe Acrobat Reader DC For Windows JP2 Stream Buffer Overflow
Posted Oct 16, 2019
Authored by Google Security Research, mjurczyk

Adobe Acrobat Reader DC for Windows suffers from a heap-based buffer overflow vulnerability that can be leveraged via malformed JP2 streams.

tags | exploit, overflow
systems | windows
advisories | CVE-2019-8197
SHA-256 | 07bec088df6d1d4a744e1d86ed31a0aac446913a56104312574c18e5470ed87e
Microsoft Windows Kernel nt!MiRelocateImage Out-Of-Bounds Read
Posted Oct 10, 2019
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from an out-of-bounds read vulnerability in nt!MiRelocateImage while parsing a malformed PE file.

tags | exploit, kernel
systems | windows
advisories | CVE-2019-1347
SHA-256 | 09a78b9b27104c74d7493858414d676b9c84bec99187241c744837c44ab57c68
Microsoft Windows Kernel CI!HashKComputeFirstPageHash Out-Of-Bounds Read
Posted Oct 10, 2019
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from an out-of-bounds read vulnerability in CI!HashKComputeFirstPageHash while parsing a malformed PE file.

tags | exploit, kernel
systems | windows
advisories | CVE-2019-1346
SHA-256 | 8731c4f2a1bd813e3c65fef7d7e537efc2972b0c7272429e92f40c7bd02522f8
Microsoft Windows Kernel nt!MiParseImageLoadConfig Out-Of-Bounds Read
Posted Oct 10, 2019
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from an out-of-bounds read in nt!MiParseImageLoadConfig while parsing a malformed PE file.

tags | exploit, kernel
systems | windows
advisories | CVE-2019-1345
SHA-256 | e6ea263f84cba66ae6dc8429b12b85100d09ee248df83f0d7ab7363703db8e01
Microsoft Windows Kernel CI!CipFixImageType Out-Of-Bounds Read
Posted Oct 10, 2019
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from an out-of-bounds read vulnerability in CI!CipFixImageType while parsing a malformed PE file.

tags | exploit, kernel
systems | windows
advisories | CVE-2019-1344
SHA-256 | e7b8c25f33beda97114ea81fe60b35ef1fd7558c7d25be720038945e9658b5c6
Microsoft Windows Kernel nt!MiOffsetToProtos NULL Pointer Dereference
Posted Oct 10, 2019
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a null pointer dereference vulnerability in nt!MiOffsetToProtos while parsing a malformed PE file.

tags | exploit, kernel
systems | windows
advisories | CVE-2019-1343
SHA-256 | 8ac7acafcd51257924a2252b8c1909c6077d4d441f55c97ee3e5eb46f3b038d6
Microsoft Windows Kernel win32k.sys TTF Font Processing win32k!ulClearTypeFilter Pool Corruption
Posted Oct 10, 2019
Authored by Google Security Research, mjurczyk

The Microsoft Windows kernel suffers from a pool corruption vulnerability in win32k!ulClearTypeFilter (win32k.sys) while processing TTF fonts.

tags | exploit, kernel
systems | windows
advisories | CVE-2019-1364
SHA-256 | ab7b06a9750d305bdd7569044211204829905b7723e935325e0ee319ceb7d2ad
Microsoft DirectWrite sfac_GetSbitBitmap Out-Of-Bounds Read
Posted Sep 11, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite suffers from an out-of-bounds read in sfac_GetSbitBitmap while processing TTF fonts.

tags | exploit
advisories | CVE-2019-1244
SHA-256 | aa2d5d7be90b6f28c281bef6187c775b1dfc2408d2066e1d3ea3a0b1eeca0a0e
Microsoft DirectWrite SplicePixel Invalid Read
Posted Sep 11, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite suffers from an invalid read in SplicePixel while processing OTF fonts.

tags | exploit
advisories | CVE-2019-1245
SHA-256 | 4d40188c13a19d3f86978a4337818897a6919c2d01372f9e540c97358af7ad4a
Adobe Acrobat Reader DC For Windows JP2 Stream Double-Free
Posted Aug 15, 2019
Authored by Google Security Research, mjurczyk

Adobe Acrobat Reader DC for Windows suffers from a double-free vulnerability due to a malformed JP2 stream.

tags | exploit
systems | windows
advisories | CVE-2019-8044
SHA-256 | 9a967f14a6f1e3f92d0430b0da8175a9443a1f6bb06f95f6c893f913cb1083e2
Adobe Acrobat Reader DC For Windows Uninitialized Pointer free()
Posted Aug 15, 2019
Authored by Google Security Research, mjurczyk

Adobe Acrobat Reader DC for Windows could trigger a free() of an uninitialized pointer due to malformed JBIG2Globals streams.

tags | exploit
systems | windows
advisories | CVE-2019-8045
SHA-256 | ae0772b359ffab02768fae4abf48d5cc1c91b6eaad1a3383adae69d9a008fa93
Adobe Acrobat Reader DC For Windows JP2 Stream Buffer Overflow
Posted Aug 15, 2019
Authored by Google Security Research, mjurczyk

Adobe Acrobat Reader DC for Windows suffers from a heap-based buffer overflow vulnerability due to a malformed JP2 stream.

tags | exploit, overflow
systems | windows
advisories | CVE-2019-8046
SHA-256 | ca5fb967b8533f425833f828810de3fff47fe2a53fe196cfbc6b090a8340c57a
Page 1 of 13
© 2022 Packet Storm. All rights reserved.