exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

Files from Hossein Lotfi

First Active2010-12-07
Last Active2018-03-22
Microsoft Windows Embedded OpenType Font Engine hdmx Table Information Disclosure
Posted Mar 22, 2018
Authored by Hossein Lotfi | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to disclose certain information. The vulnerability is caused due to an error when processing hdmx table and can be exploited to cause an out-of-bounds read memory access.

tags | advisory
systems | windows
advisories | CVE-2018-0761
SHA-256 | 2a94f7f054339d0976d53276ff87ada9d27f79dcb60ae3b25de95d30dae509bf
Microsoft Windows Embedded OpenType Font Engine Font Glyphs Handling Information Disclosure
Posted Mar 22, 2018
Authored by Hossein Lotfi | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to disclose certain information. The vulnerability is caused due to an error within the t2embed.dll module when handling font glyphs and can be exploited to cause an out-of-bounds read memory access.

tags | advisory
systems | windows
advisories | CVE-2018-0760
SHA-256 | 0b68577b47235ad1c056c8041f6bba0b8dde116c586be554597f34d36dc08fa6
Microsoft Windows Embedded OpenType Font Engine "MTX_IS_MTX_Data()" Information Disclosure
Posted Mar 22, 2018
Authored by Hossein Lotfi | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to disclose certain information. The vulnerability is caused due to an error within the "MTX_IS_MTX_Data()" function (t2embed.dll) and can be exploited to cause an out-of-bounds read memory access.

tags | advisory
systems | windows
advisories | CVE-2018-0755
SHA-256 | 2327aa0a2086a47bafe6a4dd4c56ff434f4ad7532bf68b3c9f82ef90955d8b00
Microsoft Windows LoadUvsTable() / LoadFont() Overflows
Posted May 23, 2017
Authored by Hossein Lotfi | Site secunia.com

Secunia Research has discovered multiple vulnerabilities in Microsoft Windows, which can be exploited by malicious people to compromise a vulnerable system. An error within the "LoadUvsTable()" function can be exploited to cause a heap-based buffer overflow via a font file containing specially crafted Unicode Variation Sequences tables. An integer overflow error within the "LoadFont()" function can be exploited to cause a heap-based buffer overflow via a font file containing specially crafted Unicode Variation Sequences tables. Successful exploitation of the vulnerabilities allows execution of arbitrary code.

tags | advisory, overflow, arbitrary, vulnerability
systems | windows
advisories | CVE-2017-0014
SHA-256 | 6171c4189358444433b6d183844713287c38ff36227d913c707846f7d310476c
Microsoft Windows LoadUvsTable() Buffer Overflow
Posted Mar 15, 2017
Authored by Hossein Lotfi

Microsoft Windows suffers from a LoadUvsTable() heap-based buffer overflow vulnerability.

tags | exploit, overflow
systems | windows
advisories | CVE-2016-7274
SHA-256 | 6c3a2f1a4a9fce3cb5b0969cffc7d3bb342fad7daeefec4c8a8bf5c8ce602491
Microsoft Windows OTF Parsing Table Encoding Record Offset
Posted Nov 10, 2016
Authored by Hossein Lotfi | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to disclose potentially sensitive information or cause a DoS (Denial of Service). The vulnerability is caused due to an integer overflow error when processing CMAP table within Open Type Font (OTF) files and can be exploited to cause a kernel crash or disclose kernel memory via a specially crafted table encoding record offset within a OTF file.

tags | advisory, denial of service, overflow, kernel
systems | windows
advisories | CVE-2016-7210
SHA-256 | b3fe5824069c9a4b95decbd65be8308681bcd9c605cd54f833850c4f9d059f76
Microsoft Unicode Scripts Processor Arbitrary Code Execution
Posted Dec 17, 2015
Authored by Secunia, Hossein Lotfi

On the 8th December 2015, Microsoft released Security Bulletin MS15-130 to fix a vulnerability in Unicode Scripts Processor component found by Secunia Research. The vector for a successful exploitation is a specially crafted "True Type Font" (TTF) file, which typically can be embedded in e.g. Microsoft Office documents or even in emails and web-based content depending on the font type. Successful exploitation could result in arbitrary code execution.

tags | advisory, web, arbitrary, code execution
advisories | CVE-2015-6130
SHA-256 | ae0792efc0a69b310511509667b6228f00070e222be6e495c2a81037abe590ff
Microsoft Windows usp10.dll "GetFontDesc()" Integer Underflow
Posted Dec 10, 2015
Authored by Secunia, Hossein Lotfi | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer underflow error within the "GetFontDesc()" function in usp10.dll when processing font files cmap table and can be exploited to cause a heap-based buffer overflow via a font file containing cmap table data with specially crafted offset within encoding records. Successful exploitation allows execution of arbitrary code.

tags | advisory, overflow, arbitrary
systems | windows
advisories | CVE-2015-6130
SHA-256 | d65fab95536006f5a8a8545eff4d02524698f63bed04d5515fe21776d1ea97e1
Google Picasa CAMF Section Integer Overflow
Posted Nov 12, 2015
Authored by Secunia, Hossein Lotfi | Site secunia.com

Secunia Research has discovered a vulnerability in Google Picasa, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer overflow error when processing CAMF section in FOVb images and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in versions 3.9.140 Build 239 and 3.9.140 Build 248 running on Windows.

tags | advisory, overflow, arbitrary
systems | windows
SHA-256 | db72a3562dc68479de1367e98146b3c4c4222d69e61574ce70158fc840cac565
Google Picasa Phase One Tags Processing Integer Overflow
Posted Oct 26, 2015
Authored by Secunia, Hossein Lotfi | Site secunia.com

Secunia Research has discovered a vulnerability in Google Picasa, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer overflow error when processing data related to phase one 0x412 tag and can be exploited to cause a heap-based buffer overflow. Successful exploitation may allow execution of arbitrary code. The vulnerability is confirmed in versions 3.9.140 Build 239 and 3.9.140 Build 248 running on Windows.

tags | advisory, overflow, arbitrary
systems | windows
SHA-256 | 5ae53f5fbef1f5539ef71eddc2a163711178502a8a9d788c3571296844ce496d
Microsoft Windows GDI "MRSETDIBITSTODEVICE ::bPlay()" EMF Parsing Memory Corruption
Posted Apr 16, 2015
Authored by Secunia, Hossein Lotfi | Site secunia.com

Secunia Research has discovered a vulnerability in Microsoft Windows, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error within the "MRSETDIBITSTODEVICE::bPlay()" function (GDI32.dll) and can be exploited to cause a memory corruption via an EMF file with a specially crafted EMR_SETDIBITSTODEVICE record. Successful exploitation allows execution of arbitrary code.

tags | advisory, arbitrary
systems | windows
advisories | CVE-2015-1645
SHA-256 | ed3d517ee666d030f5df6830cf8981005659fc92cb0c554af44305ac144591c1
iDEFENSE Security Advisory 2010-12-07.1
Posted Dec 7, 2010
Authored by iDefense Labs, Hossein Lotfi | Site idefense.com

iDefense Security Advisory 12.07.10 - Remote exploitation of a memory corruption vulnerability in Apple Inc.'s QuickTime media player could allow attackers to execute arbitrary code in the context of the targeted user. The vulnerability specifically exists in the way specially crafted PICT image files are handled by the QuickTime PictureViewer. When processing specially crafted PICT image files, Quicktime PictureViewer uses a set value from the file to control the length of a byte swap operation. The byte swap operation is used to convert big endian data to little endian data. QuickTime fails to validate the length value properly before using it. When a length value is larger than the actual buffer size supplied, it will corrupt heap memory beyond the allocated buffer, which could lead to an exploitable condition. QuickTime Player versions prior to 7.6.9 are vulnerable.

tags | advisory, remote, arbitrary
systems | apple
advisories | CVE-2010-3800
SHA-256 | 4bb677daf3bb8a3483d603a95401b8fbc17090e4dfc5ab0ec2cab5cd33f94563
Page 1 of 1
Back1Next

File Archive:

July 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    27 Files
  • 2
    Jul 2nd
    10 Files
  • 3
    Jul 3rd
    35 Files
  • 4
    Jul 4th
    27 Files
  • 5
    Jul 5th
    18 Files
  • 6
    Jul 6th
    0 Files
  • 7
    Jul 7th
    0 Files
  • 8
    Jul 8th
    28 Files
  • 9
    Jul 9th
    44 Files
  • 10
    Jul 10th
    24 Files
  • 11
    Jul 11th
    25 Files
  • 12
    Jul 12th
    11 Files
  • 13
    Jul 13th
    0 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close