Local proof of concept exploit for the Symantec Antivirus Engine that requires no special privileges (5 of 6).
7718ea0485483a8c51e5532e6a7026b9a70bee7575e9d782a7f39f146bb990f2Local proof of concept exploit for the Symantec Antivirus Engine (4 of 6).
3b29faa9132b4703f4e35c8a8ec09024b9cc65e357d9853556227bfd2ad4c9dbLocal proof of concept exploit for the Symantec Antivirus Engine (3 of 6).
8eea8ca29fb3ff25e0368e41bf061974a45d3cdeb846e266b5cf55e191c2a385Local proof of concept exploit for the Symantec Antivirus Engine (2 of 6).
a2449219141ac29887221691004cb2dab5400474056ce5c41cda9b14a0b6244cLocal proof of concept exploit for the Symantec Antivirus Engine (1 of 6).
020ec8d9ce5d3255c029d3b03dcd46000ebe2bddbc2eff9c86818ce8a441e4fcThe Symantec Antivirus Engine drivers NAVEX15.sys and NAVENG.sys are susceptible to privilege escalation attacks.
d5f65664b43a323c2a435f57a944a3583d1a1e92479ed775da15a872c6553ee5iDefense Security Advisory 10.05.06 - Local exploitation of a design error vulnerability in Symantec Corp. AntiVirus can allow an attacker to execute arbitrary code with kernel privileges. The vulnerability specifically exists due to improper address space validation when the NAVENG and NAVEX15 device drivers process IOCTL 0x222AD3, 0x222AD7, and 0x222ADB. An attacker can overwrite a user supplied address, including code segments, with a constant double word value by supplying a specially crafted Irp to the IOCTL handler function. iDefense has confirmed the existence of this vulnerability within version 10 of Symantec Client Security as of this writing. Previous versions, as well as relating products, which contain the NAVENG.SYS and NAVEX15.SYS drivers are suspected to be vulnerable as well.
732efba97b7ec341bff44782696cd383114b701e321b698f5802c60077ca466ciDefense Security Advisory 09.12.06 - Remote exploitation of a heap-based buffer overflow in Apple Computer's QuickTime Player could allow attackers to execute code under the privileges of the affected application. A FLIC file is an animation file consisting of a number of frames, each of which is made up of an image and may contain other information such as a palette or a label. The vulnerability specifically exists in the handling of the COLOR_64 chunk in FLIC format files. QuickTime does not validate that the data size allocated to store the palette is large enough, allowing a malformed file to cause controllable heap corruption. iDefense Labs confirmed that version 7.1 of the QuickTime player is vulnerable. It is suspected that all previous versions are also affected.
8bcabb0d8beb068b97d485b6166612603ed049aad375daf5647a8eed72680052The Kernel Object Manager is prone to a deadlock situation which could be exploitable making unkillable any process running, complicating its elimination. Exploit included.
17871ea1d002a3e25ba2cf1431e565ed676c7752e14f1d0fb9ed45a6c632038dWhitepaper discussing the fact that the Microsoft Server Message Block Redirector Driver (mrxsmb.sys) does not verify the user-mode buffer properly, allowing any user to overwrite any desired memory address. The successful exploitation results in Ring0 code execution.
8e72140b6ea3bdc38e8d99a76cc14e568dce6926a301540aba00a78f7cb44a46iDefense Security Advisory 02.01.06 - It has been found that a specially crafted m3u or pls file can overwrite a stack based buffer allowing for remote code execution. This vulnerability is specific to the 5.11 version of Winamp and does not affect previous versions.
55cfc9433a739a9d58acb02156040187fb0c6d1dfe185aad02576b64a0fdf607
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed