exploit the possibilities
Showing 51 - 75 of 1,404 RSS Feed

Files from Google Security Research

First Active2000-02-18
Last Active2019-09-16
Microsoft DirectWrite / AFDKO OpenType Out-Of-Bounds Read
Posted Jul 11, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite / AFDKO suffers from an out-of-bounds read vulnerability in OpenType font handling due to undefined FontName index.

tags | exploit
MD5 | 15c7ccf9e674ae48cbdea2b4707dd238
Microsoft DirectWrite / AFDKO OpenType Post Table Bugs
Posted Jul 11, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite / AFDKO suffers from multiple bugs in OpenType font handling related to the "post" table.

tags | exploit
MD5 | 03a8863a15856003f71eeae5cd1770df
Microsoft DirectWrite / AFDKO OpenType NULL Pointer Dereference
Posted Jul 11, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite / AFDKO suffers from a NULL pointer dereferences vulnerability in OpenType font handling while accessing empty dynarrays.

tags | exploit
MD5 | 3952521fdd8e47962dae0060e8032151
Microsoft DirectWrite / AFDKO OpenType Read Of Uninitialized Memory
Posted Jul 11, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite / AFDKO suffers from allowing a read of uninitialized BuildCharArray memory in OpenType font handling.

tags | advisory
MD5 | 0f597bc65a24128f467c60bc1b563e6b
Microsoft DirectWrite / AFDKO OpenType readEncoding Buffer Overflow
Posted Jul 11, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite / AFDKO suffers from a heap-based buffer overflow vulnerability in OpenType font handling in readEncoding.

tags | exploit, overflow
MD5 | 7893bbd664f437470b182e7954cb25b0
Microsoft DirectWrite / AFDKO OpenType readCharset Buffer Overflow
Posted Jul 10, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite / AFDKO suffers from a heap-based buffer overflow vulnerability in OpenType font handling in readCharset.

tags | exploit, overflow
advisories | CVE-2019-1128
MD5 | 2390f6f6b9d3f16e5ec16d348e370a2a
Microsoft DirectWrite / AFDKO OpenType Out-Of-Bounds Read / Write
Posted Jul 10, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite / AFDKO suffers from a heap-based out-of-bounds read/write vulnerability in OpenType font handling due to unbounded iFD.

tags | exploit
advisories | CVE-2019-1121
MD5 | 75f817529c0169de5dc33f342a2db85c
Microsoft DirectWrite / AFDKO Uninitialized Memory Use
Posted Jul 10, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite / AFDKO suffers from an issue where it makes use of uninitialized memory while freeing resources in var_loadavar.

tags | exploit
MD5 | cc83ed79f81085bd663f0e5b89b27fa6
Microsoft DirectWrite / AFDKO do_set_weight_vector_cube Buffer Overflow
Posted Jul 10, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite / AFDKO suffers from a stack-based buffer overflow vulnerability in do_set_weight_vector_cube for large nAxes.

tags | exploit, overflow
MD5 | ea013854421dcefe1e364e1e0479a561
Microsoft DirectWrite / AFDKO OpenType Stack Corruption Due To Negative nAxes
Posted Jul 10, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite / AFDKO suffers from a stack corruption vulnerability in OpenType font handling due to negative nAxes.

tags | exploit
advisories | CVE-2019-1127
MD5 | 578c1d982270df68c386d40bdf609eb1
Microsoft DirectWrite / AFDKO OpenType Stack Corruption Due To Negative cubeStackDepth
Posted Jul 10, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite / AFDKO suffers from a stack corruption vulnerability in OpenType font handling due to negative cubeStackDepth.

tags | exploit
advisories | CVE-2019-1118
MD5 | c2b87476244efa92ba4a9be90250e805
Microsoft DirectWrite / AFDKO OpenType Stack Corruption Due To Out-Of-Bounds cubeStackDepth
Posted Jul 10, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite / AFDKO suffers from a stack corruption vulnerability in OpenType font handling due to out-of-bounds cubeStackDepth.

tags | exploit
advisories | CVE-2019-1117
MD5 | ece5873e0796605b68a4b0b2246aca1d
Microsoft DirectWrite / AFDKO readTTCDirectory Integer Overflow
Posted Jul 10, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite / AFDKO suffers from a heap-based buffer overflow vulnerability due to integer overflow in readTTCDirectory.

tags | exploit, overflow
MD5 | fd6441bc85a328f96dea6a3df9dd185e
Microsoft DirectWrite / AFDKO OpenType readStrings Buffer Overflow
Posted Jul 10, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite / AFDKO suffers from a heap-based buffer overflow vulnerability in OpenType font handling in readStrings.

tags | exploit, overflow
advisories | CVE-2019-1122
MD5 | d0abe298b7099fdd56fd834959ccc56b
Microsoft DirectWrite / AFDKO OpenType blendArray Stack Corruption
Posted Jul 10, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite / AFDKO suffers from a stack corruption vulnerability in OpenType font handling due to incorrect handling of blendArray.

tags | exploit
advisories | CVE-2019-1119
MD5 | 80a34393801d6bafb278329be316ef0b
Microsoft DirectWrite / AFDKO OpenType Stack Underflow
Posted Jul 10, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite / AFDKO suffers from an interpreter stack underflow in OpenType font handling due to missing CHKUFLOW.

tags | exploit
MD5 | 7f6961168004be409e8c197691292c84
Microsoft DirectWrite / AFDKO OpenType readFDSelect Buffer Overflow
Posted Jul 10, 2019
Authored by Google Security Research, mjurczyk

Microsoft DirectWrite / AFDKO suffers from a heap-based buffer overflow vulnerability in OpenType font handling in readFDSelect.

tags | exploit, overflow
advisories | CVE-2019-1120
MD5 | 8fb35d7cf2ae4c9390c26184ed325550
Microsoft Font Subsetting DLL MergeFonts Out Of Bounds Read
Posted Jul 9, 2019
Authored by Google Security Research, mjurczyk

An issue has been discovered where the Microsoft Font Subsetting DLL (fontsub.dll) suffers from a heap-based out-of-bounds read vulnerability in MergeFonts.

tags | exploit
MD5 | dd39b9fd5450a1793c602b5c46899104
Spidermonkey Uninitialized Memory Access
Posted Jul 9, 2019
Authored by saelo, Google Security Research

In Spidermonkey, definite properties are incorrectly computed in some cases, leading to uninitialized memory access when unboxed objects are enabled.

tags | advisory
MD5 | 79fc5823bfa08cae2fcfd2ee4bbcd32c
iPhone iMessage Malformed Message Bricking
Posted Jul 4, 2019
Authored by Google Security Research, natashenka

An issue exists where a malformed iMessage can brick an iPhone. A method in IMCore can throw an NSException due to a malformed message containing a property with key IMExtensionPayloadLocalizedDescriptionTextKey with a value that is not a NSString.

tags | exploit
systems | apple, iphone
advisories | CVE-2019-8664
MD5 | fb007a18977fff5d77770c60f17d53df
Google ChromeOS SafeSetID LSM Transitive Trust
Posted Jul 3, 2019
Authored by Jann Horn, Google Security Research

Google ChromeOS SafeSetID LSM suffers from privilege escalation vulnerabilities.

tags | advisory, vulnerability
MD5 | 1eb159ed1602375544f5e4c09949e034
Google Chrome JS Execution Use-After-Free
Posted Jun 28, 2019
Authored by Google Security Research, Glazvunov

JS execution inside ScriptForbiddenScope can lead to a use-after-free condition in Google Chrome.

tags | exploit
MD5 | a25a061dd8cd7a270718b44d30f1a415
Google Chrome AudioWorkletGlobalScope::Process Use-After-Free
Posted Jun 28, 2019
Authored by Google Security Research, Glazvunov

Google Chrome suffers from a use-after-free vulnerability in AudioWorkletGlobalScope::Process.

tags | exploit
MD5 | 6daac66865b19bb201b237612eda82f9
Google Chrome PDF Plugin Pepper Socket API Access
Posted Jun 28, 2019
Authored by Google Security Research, Glazvunov

There is a security issue where Google Chrome's PDF plugin is allowed to use the Pepper Socket API. Patches are included in this archive.

tags | advisory
MD5 | 5bb6e50f43bb8b2d9342c6205e2cc79e
AMD Secure Encrypted Virtualization (SEV) Key Recovery
Posted Jun 26, 2019
Authored by Google Security Research, Cfir Cohen

AMD Secure Encrypted Virtualization (SEV) is a hardware memory encryption feature. SEV protects guest virtual machines from the hypervisor, provides confidentiality guarantees at runtime and remote attestation at launch time. The SEV elliptic-curve (ECC) implementation was found to be vulnerable to an invalid curve attack. At launch-start command, an attacker can send small order ECC points not on the official NIST curves, and force the SEV firmware to multiply a small order point by the firmware's private DH scalar. By collecting enough modular residues, an attacker can recover the complete PDH private key. With the PDH, an attacker can recover the session key and the VM's launch secret. This breaks the confidentiality guarantees offered by SEV.

tags | advisory, remote
advisories | CVE-2019-9836
MD5 | 559575654f299416a1c983c68aaf13ba
Page 3 of 57
Back12345Next

File Archive:

September 2019

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    1 Files
  • 2
    Sep 2nd
    38 Files
  • 3
    Sep 3rd
    30 Files
  • 4
    Sep 4th
    15 Files
  • 5
    Sep 5th
    12 Files
  • 6
    Sep 6th
    17 Files
  • 7
    Sep 7th
    3 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    24 Files
  • 10
    Sep 10th
    22 Files
  • 11
    Sep 11th
    22 Files
  • 12
    Sep 12th
    15 Files
  • 13
    Sep 13th
    5 Files
  • 14
    Sep 14th
    2 Files
  • 15
    Sep 15th
    1 Files
  • 16
    Sep 16th
    10 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2019 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close