exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

Files from markbrand

First Active2015-08-21
Last Active2016-12-02
Android IOMXNodeInstance::enableNativeBuffers Unchecked Index
Posted Dec 2, 2016
Authored by Google Security Research, markbrand

The code in IOMXNodeInstance.cpp that handles enableNativeBuffers uses port_index without validation, leading to writing the dword value 0 or 1 at an attacker controlled offset from the IOMXNodeInstance structure.

tags | exploit
advisories | CVE-2016-6706
SHA-256 | 72e3f04c0dccca9d11b30c786b9e44b6ad70abc4202d48d377b62972e3b859af
Android Binder Information Disclosure
Posted Oct 12, 2016
Authored by Google Security Research, markbrand

The interaction between the kernel /dev/binder and the usermode Parcel.cpp mean that when a binder object is passed as BINDER_TYPE_BINDER or BINDER_TYPE_WEAK_BINDER, a pointer to that object (in the server process) is leaked to the client process as the cookie value. This leads to a leak of a heap address in many of the privileged binder services, including system_server.

tags | exploit, kernel
advisories | CVE-2016-6689
SHA-256 | d3a390084b839f03fc96f626d43551a1c0687c7d83accd79ef36bdd4b33ddbef
Android /system/bin/sdcard Stack Buffer Overflow
Posted Jun 9, 2016
Authored by Google Security Research, markbrand

There's an integer overflow issue in get_node_path_locked in /system/bin/sdcard on Android, which results in a buffer overflow.

tags | exploit, overflow
systems | linux
advisories | CVE-2016-2494
SHA-256 | 03bc08380fba4bccc4dcff7acf038b1a908c760c3558b538af25c67c1f49b3aa
Adobe Flash PCRE Regex Complication Logic Issue
Posted Mar 28, 2016
Authored by Google Security Research, markbrand

There's a logic error in the PCRE engine version used in Adobe Flash that allows the execution of arbitrary PCRE bytecode, with potential for memory corruption and remote code execution.

tags | exploit, remote, arbitrary, code execution
systems | linux
advisories | CVE-2015-0318
SHA-256 | 7634c378b901e854196bb2c6638f9cdaaeebb56a0a8e8bedc196af24d7ed49f8
OS X Coreaudiod Calls Uninitialized Function Pointer
Posted Jan 27, 2016
Authored by Google Security Research, markbrand

com.apple.audio.coreaudiod is reachable from various sandboxes including the Safari renderer. coreaudiod is sandboxed and runs as its own user, nevertheless it has access to various other interesting attack surfaces which safari doesn't, allowing this bug to potentially form part of a full sandbox escape chain.

tags | exploit
systems | linux, apple
advisories | CVE-2015-7003
SHA-256 | 040c5bc4ee814b9abdf174150d4582e8d233b7e6ea6fe2992ae37f08d1dc46e2
Google Chrome Integer Overflow
Posted Nov 20, 2015
Authored by Google Security Research, markbrand

There is an integer overflow issue in sanity checking section lengths when parsing the vcdiff format (used in SDCH content encoding). This results in the parser parsing outside of sane memory bounds when parsing the contents of a vcdiff windowThere's an integer overflow issue in sanity checking section lengths when parsing the vcdiff format (used in SDCH content encoding). This results in the parser parsing outside of sane memory bounds when parsing the contents of a vcdiff window.

tags | exploit, overflow
systems | linux
advisories | CVE-2015-6763
SHA-256 | 7dd26a5b0e5074777454a033d2a5cf9abf8079a2604f2b566807914eb6911c4b
Samsung WifiHs20UtilityService Path Traversal
Posted Oct 27, 2015
Authored by Google Security Research, markbrand

A path traversal vulnerability was found in the WifiHs20UtilityService. This service is running on a Samsung S6 Edge device, and may be present on other Samsung device models. WifiHs20UtilityService reads any files placed in /sdcard/Download/cred.zip, and unzips this file into /data/bundle. Directory traversal in the path of the zipped contents allows an attacker to write a controlled file to an arbitrary path as the system user.

tags | exploit, arbitrary
systems | linux
advisories | CVE-2015-7888
SHA-256 | 518c9bcbcc800ca3f2eabf30aca38ce8d0b16a83ab93ae8b359b37e023aa64a9
Chrome Heap Overflow In Linux HID Device Handler
Posted Aug 21, 2015
Authored by Google Security Research, markbrand

A heap overflow exists due to a 64-32 integer truncation issue in device/hid/hid_connection_linux.cc.

tags | exploit, overflow
systems | linux
SHA-256 | 770ba2318e417025ee29f56a1103dfb964c9deb4f6c83609e26beb78d0effa4f
Flash PCRE Regex Compilation Zero-length Assertion Arbitrary Bytecode Execution
Posted Aug 21, 2015
Authored by Google Security Research, markbrand

There is an error in the PCRE engine version used in Flash that allows the execution of arbitrary PCRE bytecode, with potential for memory corruption and remote code execution.

tags | exploit, remote, arbitrary, code execution
systems | linux
advisories | CVE-2015-3042
SHA-256 | f100f0c5cc96a2a407b46491520f1bce43ba7ca526f4e6c69f5887bf768c2eca
Page 1 of 1
Back1Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close