exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

Files from Jose Antonio Vazquez Gonzalez

First Active2010-09-11
Last Active2011-10-11
Opera Browser 10/11/12 (SVG layout) Memory Corruption
Posted Oct 11, 2011
Authored by Jose Antonio Vazquez Gonzalez | Site metasploit.com

This Metasploit module exploits a vulnerability in the bad nesting with SVG tags. Successfully exploiting leads to remote code execution or denial of service condition under Windows XP SP3 (DEP = off).

tags | exploit, remote, denial of service, code execution
systems | windows
SHA-256 | 29062b9f8cced306f88a84cb2355e266c3598c5e90d26f6c36e1d2fb743a0cbf
Opera 10/11 Memory Corruption
Posted Oct 6, 2011
Authored by Jose Antonio Vazquez Gonzalez | Site metasploit.com

This Metasploit module exploits a vulnerability in the nesting of frameset and iframe tags as implemented within Opera Browser. A memory corruption is triggered and some pointers got corrupted with invalid addresses. Successfully exploiting leads to remote code execution or denial of service condition under Windows XP SP3 (DEP = off).

tags | exploit, remote, denial of service, code execution
systems | windows
advisories | CVE-2011-2628, OSVDB-72406
SHA-256 | cca2c04d9608cabd67212e6b6de6f391c4ae540b9386fc4c1e27694218c8edb5
iDefense Security Advisory 07.20.11 - WebKit Heap Overflow
Posted Jul 21, 2011
Authored by iDefense Labs, Jose Antonio Vazquez Gonzalez | Site idefense.com

iDefense Security Advisory 07.20.11 - Remote exploitation of a heap based buffer overflow vulnerability in WebKit, as included with Apple Inc.'s Safari Web browser, could allow an attacker to execute arbitrary code with the privileges of the current user. Safari versions prior to 5.1 and 5.0.6 are vulnerable.

tags | advisory, remote, web, overflow, arbitrary
systems | apple
advisories | CVE-2011-0223
SHA-256 | 30357d20ea6ff88371b69718cc38e33ee295d328c17ebae326814210907aea07
iDEFENSE Security Advisory 2010-12-14.1
Posted Dec 14, 2010
Authored by Jose Antonio Vazquez Gonzalez | Site idefense.com

iDefense Security Advisory 12.14.10 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Internet Explorer could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability exists due to an uninitialized variable in the "CLayout::EnsureDispNode" method. This method is called to recalculate the location of various HTML elements within the page. This function passes a "CDispNodeInfo" object to another function, "CLayout::GetDispNodeInfo," which is supposed to initialize the object passed in; however, the function fails to properly initialize a flag's value that is used later to determine how many "extra" bytes to allocate for a heap buffer. This eventually leads to an undersized buffer being allocated to hold a "CDispClipNode" object in the "CLayout::EnsureDispNodeCore" function. The vulnerability manifests itself when the "CDispNode::SetUserClip" function attempts to use the invalid "extra size" to calculate an offset into the object and manipulate a bit at this location. This corrupts the objects VTABLE by setting the second bit to 1, which can lead to the execution of arbitrary code when this pointer is accessed later. Microsoft Internet Explorer 6, 7 and 8 are vulnerable.

tags | advisory, remote, arbitrary
advisories | CVE-2010-3962
SHA-256 | 71219e3d4aa0a8af4a6f70f59166543e9d763cb490d82b8b85ea2ee887b4898d
Webkit Memory Corruption
Posted Sep 11, 2010
Authored by Jose Antonio Vazquez Gonzalez

Webkit on Apple Safari versions prior to 4.1.2 and 5.0.2 and Google Chrome versions prior to 5.0.375.125 suffers from a memory corruption vulnerability.

tags | exploit
systems | apple
advisories | CVE-2010-1813
SHA-256 | 6377799e8809d0dbb51d80694c28c4c192e86d2cb2313c813d9801888e3a7294
Page 1 of 1
Back1Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    0 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close