what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files from Matthieu Bonetti

First Active2010-06-09
Last Active2012-10-25
Oracle Java Font Processing Glyph Element Memory Corruption
Posted Oct 25, 2012
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team has discovered a critical vulnerability in Oracle Java. Versions JRE / JDK 7u7 and below are affected. The vulnerability is caused by a memory corruption error within the "t2k.dll" component when processing certain glyph elements within a Font file, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.

tags | advisory, java, remote, web
SHA-256 | 66dc6819b2fe3e487c6074ac50782425eb1e8e4d69820a4cb144ef9adcd00ea1
Google Chrome WebKit Engine Child Tag Deletion Stale Pointer
Posted Oct 7, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Google Chrome. The vulnerability is caused by a stale pointer in the WebKit engine when deleting certain child tags in a specific order, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page. Google Chrome versions prior to 14.0.835.202 are affected.

tags | advisory, remote, web
SHA-256 | a76cbf6bdbee711ebfce8dc173c64df62c4636a89ebcd164f53aaf43db1e466f
Google Chrome WebKit Engine Ruby Tag Stale Pointer
Posted Oct 7, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Google Chrome. The vulnerability is caused by a stale pointer in the WebKit engine when deleting a Ruby tag and its children in a specific order, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.

tags | advisory, remote, web, ruby
SHA-256 | f155029aeaa8cd2c97b5f87a4c567067ee56940483899fa350ddc410ece08479
Oracle Java ICC Profile "scrn" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "scrn" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, overflow, arbitrary
SHA-256 | bd2b206e8cc01411d077ffd71f0fafae0c987444464bb20fda99e30bd818b823
Oracle Java ICC Profile "pseq" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "pseq" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, overflow, arbitrary
SHA-256 | 678973558fee6d7c54c5b90eec131c79bd3a0357dbfa4eb1520a4ec67f37cad6
Oracle Java ICC Profile "ncl2" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "ncl2" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, overflow, arbitrary
SHA-256 | e8f488754f08480d5e40ca95b2864ba0737678e88ade054dfd206889f6e07072
Oracle Java ICC Profile "mluc" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "mluc" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, overflow, arbitrary
SHA-256 | 672490db1b7e734d96fdac53de3b57b95abfd9ee95d4201e9143bb6ef215fe8b
Oracle Java ICC Profile "bfd" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer truncation error in the Color Management Module (CMM) when processing a malformed "bfd" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, arbitrary
SHA-256 | cf0e788d1c843e3352da1703694e7f2744be0104b724b21b9d4cf89d96e5290a
Oracle Java ICC Profile "clrt" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "clrt" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, overflow, arbitrary
SHA-256 | b9624b37a2d319db443cfde21d7b096739c7f479b3a17eae304af656f677d623
Apple Safari Text Nodes Remote Use-After-Free
Posted Apr 15, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when processing certain text nodes, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, remote, web, arbitrary
systems | apple
advisories | CVE-2011-1344
SHA-256 | 68273b636979cb1468a8090e5e58828a83e73978c0b22c05b24a4b9d3b8c295a
Apple Safari WebKit Block Dimensions Handling Integer Overflow
Posted Mar 15, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by an integer overflow error in the WebKit library when handling block dimensions, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.

tags | advisory, remote, web, overflow
systems | apple
SHA-256 | 9ea8e14eaede3a9009c52340df2c57af7b693d761077f23322ac3fb77375bf67
Apple Safari WebKit Scroll Event Handling Remote Use-After-Free
Posted Mar 14, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain scroll events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.

tags | advisory, remote, web
systems | apple
SHA-256 | 3eac3c011875096426021de4ca49199e1fcbfae351d58fd4ff58b13456d57a6c
Apple Safari WebKit Iframe Event Handling Remote Use-After-Free
Posted Mar 14, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain iframe events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.

tags | advisory, remote, web
systems | apple
SHA-256 | 80e96a9a3ad610f44e28f2afac84eacff444a571e1cc7649b9d31addcf586567
Apple Safari Selections Handling Use-after-free Vulnerability
Posted Nov 20, 2010
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free in WebKit when handling selections, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, remote, web, arbitrary
systems | apple
SHA-256 | 59a2dbc0e79185188370ba50e0cb520c033c1c8611fd52c2f5070d1669fbd119
Apple Safari Scrollbar Handling Use-after-free Vulnerability
Posted Nov 20, 2010
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free in WebKit when handling scrollbars, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, remote, web, arbitrary
systems | apple
SHA-256 | 62a3912023e72f43282e67320e6e2a3dfbbe98a67a2ac48f5ce807614829c2e5
Google Chrome Focus Processing Memory Corruption
Posted Sep 3, 2010
Authored by Matthieu Bonetti | Site vupen.com

VUPEN Vulnerability Research Team discovered a high risk vulnerability affecting Google Chrome. The vulnerability is caused by a memory corruption error when processing focus events, which could be exploited by remote attackers to potentially execute arbitrary code by tricking a user into visiting a specially crafted web page. Google Chrome versions prior to 6.0.472.53 are affected.

tags | advisory, remote, web, arbitrary
SHA-256 | 2295a6c5a62a9aab8f0009db39e9958b989b89bb1f3c39a635c47d462c9c9bfe
Apple Safari WebKit HTML Button Use-After-Free
Posted Jun 9, 2010
Authored by Matthieu Bonetti | Site vupen.com

Apple Safari WebKit suffers from a HTML button use-after-free vulnerability.

tags | advisory
systems | apple
advisories | CVE-2010-1392
SHA-256 | f36dcd883ac6b8ae5841337712b2ab864df2d80bbd1ba2cf60dff0d5f9bd52b2
Page 1 of 1
Back1Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    48 Files
  • 20
    Sep 20th
    36 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close