exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 76 RSS Feed

Files from Thierry Zoller

Email addressthierry at zoller.lu
First Active2005-10-25
Last Active2020-03-02
TLS / SSLv3 Vulnerability Explained
Posted Nov 18, 2009
Authored by Thierry Zoller

This paper explains the TLS / SSLv3 vulnerability for a broader audience and summarizes the information that is currently available.

tags | paper, protocol
SHA-256 | e3e2ec70ee2040efbdbd9bc976ec570be8d2ff285c3860f57e0e4a9dff455e2f
McAfee Generic PDF Bypass
Posted Oct 28, 2009
Authored by Thierry Zoller

Improper parsing of the PDF structure by various McAfee products leads to evasion of detection of malicious PDF documents at scantime and runtime.

tags | advisory
SHA-256 | 74ef4730aa72a94a3d6fb571ee56a4ae27ce295cced8e9dca51ce6c1107da9f3
F-Secure Generic PDF Bypass
Posted Oct 28, 2009
Authored by Thierry Zoller

Improper parsing of the PDF structure by various F-Secure products leads to evasion of detection of malicious PDF documents at scantime and runtime.

tags | advisory
SHA-256 | 9f02651ae92071b892771f844ff0763ef40c20e6cfbe5d8fad99e50e0bae8ead
Symantec Generic PDF Bypass
Posted Oct 28, 2009
Authored by Thierry Zoller

Improper parsing of the PDF structure by various Symantec products leads to evasion of detection of malicious PDF documents at scantime and runtime.

tags | advisory
SHA-256 | c5195c92e8b5682c7ce5d732aadf8cc4e11df997abb11873f6eaa932099bcaa0
CA Products Denial Of Service
Posted Oct 14, 2009
Authored by Thierry Zoller

Improper handling of a specially crafted RAR archive file by the CA Anti-Virus engine arclib component leads to heap corruption and allows the attacker to cause a denial of service or possibly further compromise the system.

tags | advisory, denial of service, virus
advisories | CVE-2009-3587, CVE-2009-3588
SHA-256 | 68c74583d8c2259e62743fb500c3ba5a7a8e32c2b91f70c32aba0e9279bc5cbd
iPhone / iTouch Code Execution
Posted Jul 23, 2009
Authored by Thierry Zoller

Calling the CSS attr() attribute with a large number leads to memory corruption, heap spraying allows execution of code. Arbitrary remote code execution can be achieved by creating a special website and enticing the victim into visiting that site. iPhone OS versions 1.x through 2.2.1 and iPhone OS for iPod Touch versions 1.x through 2.2.1 are affected.

tags | advisory, remote, arbitrary, code execution
systems | apple, iphone
advisories | CVE-2009-1698
SHA-256 | 133f492014f2bfbfa80c0caa0d28b13729b130a662880909a1e4dec7f7c492d9
ECMAScript Denial Of Service
Posted Jul 17, 2009
Authored by Thierry Zoller

ECMAScript in IE5, IE6, IE7, IE8, Netscape, Firefox, Safari, Opera, Konqueror, Seamonkey, Wii, PS3, iPhone, iPod, Nokia, Siemens and various other browsers allows for a denial of service condition.

tags | exploit, denial of service
systems | apple, iphone
advisories | CVE-2009-1692
SHA-256 | 0565fa347a433f911f7bc37200f43fcc3f38e665338086d0cdaaf81a0163b693
ClamAV 0.95 CAB Evasion
Posted Jun 19, 2009
Authored by Thierry Zoller

The parsing engine in ClamAV versions below 0.96 can be bypassed by manipulating CAB (Filesize) archives in a "certain way" that the ClamAV engine cannot extract the content but the end user is able to.

tags | advisory
SHA-256 | 5b71b0644c8e2c68a39b65b1d09e406706b0f0049ebfe813efb8f19923797186
F-prot Bypass Vulnerability
Posted Jun 19, 2009
Authored by Thierry Zoller

The F-prot parsing engine can be bypassed by a specially crafted and formatted RAR archive.

tags | advisory
SHA-256 | 0c190472862f04e28464f2f343fd6dc64e9cdc0911fa339c1390d3d426c7c594
ClamAV Generic Evasion
Posted Jun 16, 2009
Authored by Thierry Zoller

The parsing engine in ClamAV versions below 0.95.2 can be bypassed by manipulating RAR and ZIP archives in a "certain way" that the ClamAV engine cannot extract the content but the end user is able to.

tags | advisory
SHA-256 | cd01713e1fa44a2538cd9d9db21917cfb29f9249b3fbe9364d85a76bebad8d77
Apple Safari Remote Code Execution
Posted Jun 15, 2009
Authored by Thierry Zoller

Calling a CSS attr attribute with a large number leads to memory corruption in Apple Safari.

tags | advisory
systems | apple
SHA-256 | 8696c6faba5a8300579b75b6979bea48b7c31cb18483efb7802cc5c6b277d26c
Apple Safari / QuickTime Denial Of Service
Posted Jun 15, 2009
Authored by Thierry Zoller

Apple Safari and QuickTime programs suffer from a denial of service vulnerability.

tags | exploit, denial of service
systems | apple
SHA-256 | afebe5688f42de20f215c74637ba9a8e5c736d7c2a3f411f2ba4e22b0910b105
F-prot TAR Bypass / Evasion
Posted Jun 15, 2009
Authored by Thierry Zoller

The F-prot parsing engine can be bypassed by a specially crafted and formatted TAR archive.

tags | advisory
SHA-256 | dfbeadbf4429aedb4b3293e8587c35d54104a2ec76c6f28051b8946cbab51a94
Norman Generic Evasion
Posted Jun 15, 2009
Authored by Thierry Zoller

Norman with decompression engine versions below 5.99.07 suffer from a RAR related bypass vulnerability.

tags | advisory, bypass
SHA-256 | 2752bd6cbaf45a3d245c65d2ae96d8968b3aaa13fc4e7e50d8bb6ee07d35ab7e
Ikarus CAB/RAR/ZIP Evasions
Posted Jun 15, 2009
Authored by Thierry Zoller

The Ikarus parsing engine versions below 1.1.58 suffer from CAB, RAR, and ZIP related bypass vulnerabilities.

tags | advisory, vulnerability
SHA-256 | 358d51815c888893939a997bfb094d5961c12e6b4660b3012c271b5bda414c4b
Kaspersky PDF Evasion
Posted Jun 15, 2009
Authored by Thierry Zoller

It looks like all Kaspersky products suffer from a PDF evasion vulnerability.

tags | advisory
SHA-256 | cd9d34fb528ed2819f9b8bb441d40e6bcdba1169339605041dabcf34b70afc0f
Avira Antivir Generic Evasion
Posted May 30, 2009
Authored by Thierry Zoller

The Avira Antivir Anti-Virus engine can by bypassed by specially crafted RAR, CAB, ZIP, and LH files.

tags | advisory, virus
SHA-256 | b507728df20115d41c0d77dcddee65a95d9169e3affd2bae91bb1bf6aaa9fc62
Firefox Denial Of Service
Posted May 29, 2009
Authored by Thierry Zoller

Mozilla Firefox 3.x suffers from a remote denial of service vulnerability.

tags | exploit, remote, denial of service
SHA-256 | 3dc1b9655716e15b6e5baacdba75bde317977a3227906edce4971b5f07d58c57
Firefox Denial Of Service
Posted May 27, 2009
Authored by Thierry Zoller

Mozilla Firefox 3.x suffers from a remote denial of service vulnerability.

tags | exploit, remote, denial of service
SHA-256 | 6d915b4fa8b3b70bdca7951a40dc0558ec127c9f1f83c8070f46b77b85da1bac
Panda Generic Evasion
Posted May 24, 2009
Authored by Thierry Zoller

The Panda parsing engine can be bypassed by a specially crafted RAR archive.

tags | advisory
SHA-256 | 9ac3c241ee06ef07fe371b852889a42be9b6c33339e671ea7b19b30e46b88d46
Panda Generic Evasion
Posted May 24, 2009
Authored by Thierry Zoller

The Panda parsing engine can be bypassed by a specially crafted CAB archive.

tags | advisory
SHA-256 | fa9e2c473bbcd3968fb0d5ba3f2f9b5dadd39e366e25f2815a3d29269c8faac8
Avira Antivirus PDF Evasion
Posted May 19, 2009
Authored by Thierry Zoller

Avira Antivir suffers from a generic PDF evasion vulnerability.

tags | advisory
SHA-256 | c422cef1fb8f5e6a290025368c6ea7a997667b1917a52175b810af05426a9c05
Bitdefender PDF Evasion
Posted May 19, 2009
Authored by Thierry Zoller

Bitdefender suffers from a generic PDF evasion vulnerability.

tags | advisory
SHA-256 | 99a2cdc0ce6ef059b98aa6f4787625025485aefec24e2544574ee5c5cb5faee2
F-Prot CAB Bypass
Posted May 10, 2009
Authored by Thierry Zoller

The F-Prot parsing engine can be bypassed by a specially crafted and formatted CAB archive.

tags | advisory
SHA-256 | 77841a27d8754fba599c35e59f6a1993d8b7e9688fe7c6cbb6d1ba67295bcb2f
AVG Generic ZIP Bypass
Posted May 10, 2009
Authored by Thierry Zoller

The AVG parsing engine can be bypassed by a specially crafted and formatted ZIP archive.

tags | advisory
SHA-256 | 78ba2d958676f1093de1a3b7ea680a645c2d7465b65693c1fd0ed5118e9ef9fd
Page 2 of 3
Back123Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close