exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 10 of 10 RSS Feed

Files from Diego Juarez

First Active2008-04-04
Last Active2018-12-21
GIGABYTE Driver Privilege Escalation
Posted Dec 21, 2018
Authored by Core Security Technologies, Diego Juarez | Site coresecurity.com

Multiple vulnerabilities were found in the GPCIDrv and GDrv drivers as bundled with several GIGABYTE and AORUS branded motherboard and graphics card utilities, which could allow a local attacker to elevate privileges. Affected versions include GIGABYTE APP Center 1.05.21 and below, AORUS GRAPHICS ENGINE 1.33 and below, XTREME GAMING ENGINE 1.25 and below, and OC GURU II 2.08.

tags | exploit, local, vulnerability
advisories | CVE-2018-19320, CVE-2018-19321, CVE-2018-19322, CVE-2018-19323
SHA-256 | 48d96c0c3430d878112464f31d6eeadae2c2f83b0d2533746e74c9f17d8e0f36
ASUS Driver Privilege Escalation
Posted Dec 21, 2018
Authored by Core Security Technologies, Diego Juarez | Site coresecurity.com

Multiple vulnerabilities were found in the GLCKIo and Asusgio drivers installed by ASUS Aura Sync, which could allow a local attacker to elevate privileges. ASUS Aura Sync versions 1.07.22 and below are affected.

tags | exploit, local, vulnerability
advisories | CVE-2018-18535, CVE-2018-18536, CVE-2018-18537
SHA-256 | 255511782c79945ab6f218abd699801864552a7945b1791b84b548a8c0971a6a
ASRock Drivers Privilege Escalation / Code Execution
Posted Oct 27, 2018
Authored by Core Security Technologies, Diego Juarez | Site secureauth.com

ASRock offers several utilities designed to give the user with an ASRock motherboard more control over certain settings and functions. These utilities include various features like the RGB LED control, hardware monitor, fan controls, and overclocking/voltage options. Multiple vulnerabilities were found in AsrDrv101.sys and AsrDrv102.sys low level drivers, installed by ASRock RGBLED and other ASRock branded utilities, which could allow a local attacker to elevate privileges. Vulnerable packages include ASRock RGBLED before version 1.0.35.1, A-Tuning before version 3.0.210, F-Stream before version 3.0.210, and RestartToUEFI before version 1.0.6.2.

tags | exploit, local, vulnerability
advisories | CVE-2018-10709, CVE-2018-10710, CVE-2018-10711, CVE-2018-10712
SHA-256 | 3b57e1d843a64059edf1200acba22a276913db2838fb449328d307badda0ce0e
Orbit Downloader URL Unicode Conversion Overflow
Posted Feb 24, 2012
Authored by Diego Juarez, juan vazquez | Site metasploit.com

This Metasploit module exploits a stack-based buffer overflow in Orbit Downloader. The vulnerability is due to Orbit converting an URL ascii string to unicode in a insecure way with MultiByteToWideChar. The vulnerability is exploited with a specially crafted metalink file that should be opened with Orbit through the "File->Add Metalink..." option.

tags | exploit, overflow
advisories | CVE-2008-1602, OSVDB-44036
SHA-256 | 3fabd80b37cf0e1969d54e9e5602e17e7766d95225a456a310cee421d520516c
Core Security Technologies Advisory 2011.0204
Posted May 12, 2011
Authored by Core Security Technologies, Diego Juarez, Eduardo Koch, Laura Balian | Site coresecurity.com

Core Security Technologies Advisory - Adobe Audition is vulnerable to numerous buffer overflows while parsing several fields inside the TRKM chunk on session (.ses) files. Then, a memory corruption can be leveraged to execute arbitrary code on vulnerable systems by enticing users to open specially crafted session files.

tags | exploit, overflow, arbitrary
advisories | CVE-2011-0615
SHA-256 | bca39d351128dc119a842d9e07ba7f07d956f9a7c41897996b07986de69c7d31
Core Security Technologies Advisory 2010.0624
Posted Oct 13, 2010
Authored by Core Security Technologies, Diego Juarez | Site coresecurity.com

Core Security Technologies Advisory - While investigating the OpenType Compact Font Format vulnerability disclosed in MS10-037, Diego Juarez discovered another kernel bug in the parsing of OTF files. Loading a malformed OpenType font can cause the entire system to crash. The vulnerability could be used locally by attackers with access to an unprivileged account to elevate privileges to those of a System Administrator.

tags | advisory, kernel
advisories | CVE-2010-2741
SHA-256 | 0e3069b48078cc6ce57a0ba9ae979121fd8801e0819abc6cd8b9765d2daa3a61
Core Security Technologies Advisory 2009.0803
Posted Mar 16, 2010
Authored by Core Security Technologies, Diego Juarez, Nicolas A. Economou | Site coresecurity.com

Core Security Technologies Advisory - A vulnerability found in the memory management of the Virtual Machine Monitor makes memory pages mapped above the 2GB available with read or read/write access to user-space programs running in a Guest operating system.

tags | advisory
SHA-256 | 06e57ed0863415c369e25cbef95b7d726f955222074ae28cf5b2b20d11fdfe9d
Core Security Technologies Advisory 2009.0913
Posted Mar 3, 2010
Authored by Core Security Technologies, Diego Juarez, Nadia Rodriguez

Core Security Technologies Advisory - Luxology Modo 401 suffers from an integer overflow vulnerability when parsing .LXO files.

tags | exploit, overflow
advisories | CVE-2010-0766
SHA-256 | 51b9cf82b285e0e429b33854d143984df2fb806fbb892adaa88ca3f6cc587050
Core Security Technologies Advisory 2009.0519
Posted Jul 8, 2009
Authored by Core Security Technologies, Diego Juarez | Site coresecurity.com

Core Security Technologies Advisory - Awakening's Winds3D Viewer, which runs as a plugin within most popular web browsers, is vulnerable to a remotely exploitable arbitrary command execution vulnerability which can be triggered by making the user visit a malicious link/website. Versions 3.5.0.0 and 3.0.0.5 are vulnerable.

tags | exploit, web, arbitrary
advisories | CVE-2009-2386
SHA-256 | 9678ea739c83991289267c1a44276a19199e2657a49fbf488df9eccc5dd96d31
Core Security Technologies Advisory 2008.0314
Posted Apr 4, 2008
Authored by Core Security Technologies, Diego Juarez | Site coresecurity.com

Core Security Technologies Advisory - Orbit Downloader is vulnerable to a buffer overflow attack which can be exploited to execute arbitrary code. Versions 2.6.3 and 2.6.4 are verified vulnerable.

tags | advisory, overflow, arbitrary
advisories | CVE-2008-1602
SHA-256 | 5d3f26cc60b2acbc37303d798ced9e82dfcc36f67de4fa6c23dad8b588c86a14
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close