exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

Files from Felipe Andres Manzano

Email addressprivate
First Active2008-07-10
Last Active2013-05-31
View User Profile
Sketchup MAC Pict Material Palette Stack Corruption
Posted May 31, 2013
Authored by Felipe Andres Manzano

SketchUp is a 3D modeling program marketed by Google (2011) and designed for architectural, civil, and mechanical engineers as well as filmmakers, game developers, and related professions. SketchUp fails to validate the input when parsing an embedded MACPict texture. Arbitrary code execution is proved possible after a malicious texture or thumbnail or background image triggers a stack overflow. The issue can also be triggered when Windows Explorer reads the embedded thumbnail in a .skp file.

tags | advisory, overflow, arbitrary, code execution
systems | windows
advisories | CVE-2013-3662
SHA-256 | 5d7db50f9ade70ce95f84ac3b672882ffe82ae29e7be793a09e28762eee3b890
SketchUp BMP RLE8 Heap Overflow
Posted May 31, 2013
Authored by Felipe Andres Manzano

SketchUp is a 3D modeling program marketed by Google (2011) and designed for architectural, civil, and mechanical engineers as well as filmmakers, game developers, and related professionals. SketchUp fails to validate the input when parsing an embedded BMP RLE8 compressed texture. Arbitrary code execution is proved possible after a malicious texture or thumbnail or background image triggers a heap overflow. The issue can also be triggered when Windows Explorer reads the embedded thumbnail in a .skp file.

tags | advisory, overflow, arbitrary, code execution
systems | windows
advisories | CVE-2013-3663
SHA-256 | 17f8e6491de725a6356d5a28d83dd57f558bceb76d8c03f99d318c61e37535e5
AdobeCollabSync Buffer Overflow Adobe Reader X Sandbox Bypass
Posted May 23, 2013
Authored by Felipe Andres Manzano, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability on Adobe Reader X Sandbox. The vulnerability is due to a sandbox rule allowing a Low Integrity AcroRd32.exe process to write register values which can be used to trigger a buffer overflow on the AdobeCollabSync component, allowing to achieve Medium Integrity Level privileges from a Low Integrity AcroRd32.exe process. This Metasploit module has been tested successfully on Adobe Reader X 10.1.4 over Windows 7 SP1.

tags | exploit, overflow
systems | windows
advisories | CVE-2013-2730, OSVDB-93355
SHA-256 | 362b070d8c1cff7e3047e6ccc9833c6d39410fbd8d44ca7e08e17d15068ff919
Adobe Illustrator CS5.5 Memory Corruption Proof Of Concept
Posted Jun 14, 2012
Authored by Felipe Andres Manzano

Adobe Illustrator CS5.5 memory corruption proof of concept exploit that spawns a calculator.

tags | exploit, proof of concept
advisories | CVE-2012-0780
SHA-256 | 35acd4b2f3b86dad800d4dd1e04e53c4376cae35b9ee1d7a968284f59cf357ee
Adobe U3D CLODProgressiveMeshDeclaration Array Overrun
Posted Dec 31, 2009
Authored by Felipe Andres Manzano, jduck | Site metasploit.com

This Metasploit module exploits an array overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.4, < 8.1.7, and < 9.2. By creating a specially crafted pdf that a contains malformed U3D data, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2009-2994
SHA-256 | 7d4d1c9d8fe1d36f17d6776c8b9cbcf05cf5f1144bc437fe3eb1909f688d2b15
Adobe U3D CLODProgressiveMeshDeclaration Array Overrun
Posted Dec 31, 2009
Authored by Felipe Andres Manzano, jduck | Site metasploit.com

This Metasploit module exploits an array overflow in Adobe Reader and Adobe Acrobat. Affected versions include < 7.1.4, < 8.1.7, and < 9.2. By creating a specially crafted pdf that a contains malformed U3D data, an attacker may be able to execute arbitrary code.

tags | exploit, overflow, arbitrary
advisories | CVE-2009-2990
SHA-256 | fdb0c241722cd2aa67d4eb9f05c46f52ce09ac8fae6eb7afb1cb35f20897926e
Adobe Acrobat Reader Arbitrary Dereference Proof Of Concept
Posted Nov 17, 2009
Authored by Felipe Andres Manzano

When a U3D CLODProgressiveMeshContinuation (blocktype: 0xFFFFFF3C) is parsed by Adobe Acrobat Reader U3D plugin the split position index is read from the input without any validation. That index is then used for getting an object out of the limits of the array, object from which a function pointer is dereferenced and called. Adobe Acrobat Reader version 8.1.6 and below and 9.1.3 and below are affected.

tags | exploit
advisories | CVE-2009-2990
SHA-256 | f13045466b5a75506fbe65fd83ad85cca5999df4143ceaf0a1f3d413d2624905
Adobe Acrobat Reader Array Overrun
Posted Oct 27, 2009
Authored by Felipe Andres Manzano

This is a detailed analysis regarding the U3D CLODProgressiveMeshDeclaration initialization array overrun that affects Adobe Acrobat Reader versions 7.x, 8.x, and 9.x. Exploit included.

tags | exploit, overflow
advisories | CVE-2009-2994
SHA-256 | c090417dc1342b3cda436100dd5256853c41e6b89eb64b311be1a05620d98e00
poppler-poc.txt
Posted Jul 10, 2008
Authored by Felipe Andres Manzano | Site andres.manzano.googlepages.com

The libpoppler pdf rendering library can free uninitialized pointers leading to arbitrary code execution. This vulnerability results from memory management bugs in the Page class constructor/destructor. Proof of concept code included.

tags | exploit, arbitrary, code execution, proof of concept
SHA-256 | c1288b18cc7452b560c12a505d9330fb0bd9fbaa310774754459fd282a0736a0
Page 1 of 1
Back1Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close