exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from Mathias Payer

TRENDnet Command Injection / Buffer Overflow / Cross Site Scripting

Posted Dec 9, 2018

Authored by Mathias Payer, Hamed Okhravi, Prashast Srivastava, Howard Shrobe

TRENDnet devices suffer from buffer overflow, code execution, and cross site scripting vulnerabilities.

tags | advisory, overflow, vulnerability, code execution, xss

advisories | CVE-2018-19239, CVE-2018-19240, CVE-2018-19241, CVE-2018-19242

SHA-256 | f4f105cc731bba444d75c5dd728b0cd23a7aa26f5bf52dfd3001c43bcd7bcc37

Download | Favorite | View

Cross-VM ASL INtrospection (CAIN)

Posted Aug 6, 2015

Authored by Thomas R. Gross, Kaveh Razavi, Antonio Barresi, Mathias Payer

A new attack vector against memory de-duplication in Virtual Machine Monitors (VMM) was discovered where attackers can effectively leak randomized base addresses of libraries and executables in processes of neighboring Virtual Machines (VM).

tags | advisory

advisories | CVE-2015-2877

SHA-256 | 9e6b738d2e5eaffe490fd377d28c69a0a18083b0200b814f25bc8610ba712523

Download | Favorite | View