what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 4 of 4

Files from Florent Hochwelker

Oracle Java Applet Preloader Click-2-Play Warning Bypass

Posted Jul 8, 2013

Authored by Florent Hochwelker | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by a design error in the Java click-2-play security warning when the preloader is used, which can be exploited by remote attackers to load a malicious applet (e.g. taking advantage of a Java memory corruption vulnerability) without any user interaction. Oracle Java versions 7u21 and below are affected.

tags | advisory, java, remote

SHA-256 | 10e02ec7b9426a95440e714eac97006eaeca4b625413293939ad86595f91ad55

Download | Favorite | View

Oracle Java JavaFX Video Frame Decoding Remote Heap Overflow

Posted Apr 18, 2013

Authored by Florent Hochwelker | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by a heap overflow error within the JavaFX component when decoding certain video frames, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.

tags | advisory, java, remote, web, overflow

SHA-256 | a2eb4b5d305a7ac6991835ccb5811297e7d48909f1c506568314ba2a5970316c

Download | Favorite | View

Oracle Java Font Processing "maxPointCount" Heap Overflow

Posted Oct 25, 2012

Authored by VUPEN, Florent Hochwelker | Site vupen.com

The VUPEN Vulnerability Research Team has discovered a critical vulnerability in Oracle Java. Versions JRE/JDK 7u7 and below are affected. The vulnerability is caused by a heap overflow error within the "t2k.dll" component when processing a malformed "maxPointCount" field within a Font, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.

tags | advisory, java, remote, web, overflow

SHA-256 | d9af8230d41a685d5e7bb40755a541e997054f9dc783a564ea76685d82b0f2cd

Download | Favorite | View

VLC MMS Stream Handling Buffer Overflow

Posted May 3, 2012

Authored by sinn3r, juan vazquez, Florent Hochwelker | Site metasploit.com

This Metasploit module exploits a buffer overflow in VLC media player VLC media player prior to 2.0.0. The vulnerability is due to a dangerous use of sprintf which can result in a stack buffer overflow when handling a malicious MMS URI. This Metasploit module uses the browser as attack vector. A specially crafted MMS URI is used to trigger the overflow and get flow control through SEH overwrite. Control is transferred to code located in the heap through a standard heap spray. The module only targets IE6 and IE7 because no DEP/ASLR bypass has been provided.

tags | exploit, overflow

advisories | CVE-2012-1775, OSVDB-80188

SHA-256 | 7856c6264ba9fc35e320d076f363c777f1720c644ed1819cf46c0dd75d155ea8

Download | Favorite | View