
Files from markbrand

First Active: 2015-08-21
Last Active: 2016-12-02
Android IOMXNodeInstance::enableNativeBuffers Unchecked Index
Posted Dec 2, 2016
Authored by Google Security Research, markbrand

The code in IOMXNodeInstance.cpp that handles enableNativeBuffers uses port_index without validation, leading to writing the dword value 0 or 1 at an attacker controlled offset from the IOMXNodeInstance structure.

tags | exploit
advisories | CVE-2016-6706
MD5 | 3ede6fe787ef13e46140b9f0f16c742b
Android Binder Information Disclosure
Posted Oct 12, 2016
Authored by Google Security Research, markbrand

The interaction between the kernel /dev/binder and the usermode Parcel.cpp means that when a binder object is passed as BINDER_TYPE_BINDER or BINDER_TYPE_WEAK_BINDER, a pointer to that object (in the server process) is leaked to the client process as the cookie value. This leads to a leak of a heap address in many of the privileged binder services, including system_server.

tags | exploit, kernel
advisories | CVE-2016-6689
MD5 | e83bfb2b1a84bc813acd3debc2921da3
Android /system/bin/sdcard Stack Buffer Overflow
Posted Jun 9, 2016
Authored by Google Security Research, markbrand

There's an integer overflow issue in get_node_path_locked in /system/bin/sdcard on Android, which results in a buffer overflow.

tags | exploit, overflow
systems | linux
advisories | CVE-2016-2494
MD5 | 1bdd88725bdd46fe78efd604f1fac79e
Adobe Flash PCRE Regex Complication Logic Issue
Posted Mar 28, 2016
Authored by Google Security Research, markbrand

There's a logic error in the PCRE engine version used in Adobe Flash that allows the execution of arbitrary PCRE bytecode, with potential for memory corruption and remote code execution.

tags | exploit, remote, arbitrary, code execution
systems | linux
advisories | CVE-2015-0318
MD5 | 43c83074e81ccb772958541a0b26c2f2
OS X Coreaudiod Calls Uninitialized Function Pointer
Posted Jan 27, 2016
Authored by Google Security Research, markbrand

com.apple.audio.coreaudiod is reachable from various sandboxes, including the Safari renderer. coreaudiod is sandboxed and runs as its own user; nevertheless, it has access to various other interesting attack surfaces which Safari doesn't, allowing this bug to potentially form part of a full sandbox escape chain.

tags | exploit
systems | linux, apple
advisories | CVE-2015-7003
MD5 | 4ffc522752463f021b7dfadcba1ecdf9
Google Chrome Integer Overflow
Posted Nov 20, 2015
Authored by Google Security Research, markbrand

There is an integer overflow issue in sanity checking section lengths when parsing the vcdiff format (used in SDCH content encoding). This results in the parser parsing outside of sane memory bounds when parsing the contents of a vcdiff window.

tags | exploit, overflow
systems | linux
advisories | CVE-2015-6763
MD5 | f75118dcf00c75596a76a4999fdddd37
Samsung WifiHs20UtilityService Path Traversal
Posted Oct 27, 2015
Authored by Google Security Research, markbrand

A path traversal vulnerability was found in the WifiHs20UtilityService. This service is running on a Samsung S6 Edge device, and may be present on other Samsung device models. WifiHs20UtilityService reads any files placed in /sdcard/Download/cred.zip, and unzips this file into /data/bundle. Directory traversal in the path of the zipped contents allows an attacker to write a controlled file to an arbitrary path as the system user.

tags | exploit, arbitrary
systems | linux
advisories | CVE-2015-7888
MD5 | c3c06ce6ad0f16ab90edf812be408f97
Chrome Heap Overflow In Linux HID Device Handler
Posted Aug 21, 2015
Authored by Google Security Research, markbrand

A heap overflow exists due to a 64-32 integer truncation issue in device/hid/hid_connection_linux.cc.

tags | exploit, overflow
systems | linux
MD5 | 5cb31df0587d4482ccbadd192acab163
Flash PCRE Regex Compilation Zero-length Assertion Arbitrary Bytecode Execution
Posted Aug 21, 2015
Authored by Google Security Research, markbrand

There is an error in the PCRE engine version used in Flash that allows the execution of arbitrary PCRE bytecode, with potential for memory corruption and remote code execution.

tags | exploit, remote, arbitrary, code execution
systems | linux
advisories | CVE-2015-3042
MD5 | 263b173055757ddeee5316dc851ce253
© 2020 Packet Storm. All rights reserved.
