This Metasploit module exploits an uninitialized memory vulnerability in Adobe Flash Player. The vulnerability occurs in the ByteArray::UncompressViaZlibVariant method, which fails to initialize allocated memory. When using a correct memory layout this vulnerability leads to a ByteArray object corruption, which can be abused to access and corrupt memory. This Metasploit module has been tested successfully on Windows 7 SP1 (32-bit), IE 8 and IE11 with Flash 15.0.0.189.
5e90527feb81af64901755b776a489cf3494498219d1281419ecb16f62818f6fThis Metasploit module exploits an integer overflow in Adobe Flash Player. The vulnerability occurs in the copyPixelsToByteArray method from the BitmapData object. The position field of the destination ByteArray can be used to cause an integer overflow and write contents out of the ByteArray buffer. This Metasploit module has been tested successfully on Windows 7 SP1 (32-bit), IE 8 to IE 11 and Flash 14.0.0.176, 14.0.0.145 and 14.0.0.125.
0261f65421dd66c2140dc4d01ec869ffa16a08028c90426650ee76ecbe40cc47VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a design error in the "ntdll.LdrHotPatchRoutine" function which can be abused to load an arbitrary library e.g. from a remote network share, leading to arbitrary code execution and ASLR bypass.
80c160d6c598062067a6a89779a585babc9a0065f719657a207d41d32477c58aThis Metasploit module exploits an integer overflow vulnerability on Internet Explorer. The vulnerability exists in the handling of the dashstyle.array length for vml shapes on the vgx.dll module. This Metasploit module has been tested successfully on Windows 7 SP1 with IE8. It uses the the JRE6 to bypass ASLR by default. In addition a target to use an info leak to disclose the ntdll.dll base address is provided. This target requires ntdll.dll v6.1.7601.17514 (the default dll version on a fresh Windows 7 SP1 installation) or ntdll.dll v6.1.7601.17725 (version installed after apply MS12-001).
f2191edac3137a6b3823d086c1f17193130422c73f5e897f52c93a6ab9e66486VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by an object confusion error in the IE broker process when processing unexpected variant objects, which could allow an attacker to execute arbitrary code within the context of the broker process to bypass Internet Explorer Protected Mode sandbox.
29cb1429a2a37f3d946b4ea603d9780f63a083ee715c7fb7c04574f48f13cb5fVUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by an integer overflow error in the "vml.dll" component when processing certain undocumented vector graphic properties, which could be exploited by remote attackers to leak arbitrary memory and compromise a vulnerable system via a malicious web page.
1cc53c7aa3e2dd5a6aeb2b6dce696e0d93ccd616548beed17512a42068a61e21VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "CDisplayPointer::MoveToMarkupPointer()" function within mshtml.dll when processing "CDisplayPointer" objects, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.
e5e548ba5a74174d5d7c255cb471591e157927133fffef086d64a8599f45024aVUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "CWindow::scroll()" function within mshtml.dll when processing specially crafted "Scroll" events, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.
c980f0d3b2870ce91c4913b2f39e9e2354b613c57d06b4ce7124f31d1a1c6ff5VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by an object confusion error when processing malformed Real Time Messaging Protocol (RTMP) data received during the initial phase of communication with a server, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page. Adobe Flash Player versions prior to 11.7.700.169 are affected.
a61b22a16c3befda80224c940393c4411503ad1032eee6935dce23f0995ad911VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the MSHTML "CElement::EnsureRecalcNotify()" function when processing "onMove" events, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.
74cac2fd4680b3b10d2bd5cbfa550491862f2c557deb06f06b2b52ff1c26b695VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the MSHTML "CElement::EnsureRecalcNotify()" function when processing "onResize" events, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.
e7dd1c9d022b3a29ac08d671f377d6068705d06e27996f487998ab6b3c9df55bVUPEN Vulnerability Research Team discovered a critical vulnerability in Mozilla Firefox. The vulnerability is caused by a use-after-free error within the XUL "nsHTMLEditRules::nsHTMLEditRules()" function when processing certain objects, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.
f0d46293df9a00f2fa660f6e96989d985d27caaecef937c4a4865e96961181eeVUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the "SysAllocStringLen()" function within the "Oleaut32.dll" (Object Linking and Embedding Automation) library, which could allow remote attackers to execute arbitrary code via a specially crafted web page or Office document.
8e67f8b3f49e0baf5c8cdedac5b1335d0cde5c5ed9ab9eb564c2802292ccb781VUPEN Vulnerability Research Team discovered a critical vulnerability in Mozilla Firefox. The vulnerability is caused by a use-after-free error within the "imgRequestProxy::OnStopRequest()" function, which could allow remote attackers to execute arbitrary code via a specially crafted web page.
6ff9c9465d128e7723f00c6eb8b2c513970c66279404d1491f6201d4b7ded1cdThe VUPEN Vulnerability Research Team has discovered a critical vulnerability in Microsoft Internet Explorer versions 8 and 9. The vulnerability is caused by a use-after-free error in the "mshtml.dll" component when processing certain "onMove" events, which could allow remote attackers the ability to execute arbitrary code via a specially crafted web page.
85f55c391fa51f8db9e2ea2e5872c2b57c06a40ec881bb2bd591e58f9ae0baadThe VUPEN Vulnerability Research Team has discovered a critical vulnerability in Microsoft Internet Explorer versions 8 and 9. The vulnerability is caused by a use-after-free error in the "mshtml.dll" component when processing certain "scrollIntoView" events, which could allow remote attackers the ability to execute arbitrary code via a specially crafted web page.
f1a197c1783c02ee319890a13237b275d13b69b33b95c58bfe6caca575473a2cVUPEN Vulnerability Research Team discovered a critical vulnerability in Mozilla Firefox. The vulnerability is caused by a use-after-free error in the "setUserData()" method within the "nsHTMLEditRules" class, which could allow remote attackers execute arbitrary code via a specially crafted web page. Products affected include Mozilla Firefox versions prior to 15, Mozilla Firefox ESR versions prior to 10.0.7, Mozilla Thunderbird versions prior to 15, Mozilla Thunderbird ESR versions prior to 10.0.7, and Mozilla SeaMonkey versions prior to 2.12.
b959bb054b031b5fb76ff256d6ea33e667b137e39e0b15d5f9ad08cc17dd93afVUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft products. The vulnerability is caused by a use-after-free error in the "TabStrip" Control within the "MSCOMCTL.OCX" component, which could allow remote attackers execute arbitrary code via a specially crafted web page or malicious Office document. A large amount of products are affected.
83d4ac95b7df6d9d0e21446d37657b74bd6349ccb853b935fd08488698d5329fVUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by an integer overflow error in the "copyRawDataTo()" method within the "Matrix3D" class when processing malformed arguments, which could allow remote attackers execute arbitrary code via a specially crafted web page. Adobe Flash Player versions 11.3.300.271 and prior are affected.
d2ffa29681b8fc88e5a88e349eabd789a616bded95aa6af9e69538a75b01138cVUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the mshtml.dll module when processing CollectionCache objects, which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP.
e3d29879255e1ff2003388a8d7447ab0c086cfdc1cb25b9bc5b4605cfe1e6951VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by an invalid object being used when parsing a malformed video via "NetStream.appendBytes", which could allow remote attackers to leak memory and execute arbitrary code despite ASLR and DEP enabled.
9b4488d35212ce158b36f3b2eb967b148fddbf040de1f99a30ab5a53f3202ef4VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the "vgx.dll" component when processing certain VML behaviors, which could be exploited by attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
b26b14f8e0513c5015cfa528b828f45892990e4d864673868941be4f05ba2bf9VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a memory corruption error within the Matrix3D class when processing malformed 3D data within SWF files, which could be exploited by attackers to potentially compromise a vulnerable system or disclose memory information by tricking a user into visiting a specially crafted web page. Adobe Flash Player versions 11.1.102.62 and below are affected.
cd2efadbb305725a418111b28128ed5c65004213052f530f752893ddaadc11f6VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by an integer overflow error when processing malformed image data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file. Versions affected include Adobe Acrobat and Reader X (10.1.1) and prior and Adobe Acrobat and Reader 9.4.7 and prior.
c94c13dce309f884bd280837f2c98fd26f4a3b8efdb37192552ad693c35c02feVUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows. The vulnerability is caused by a use-after-free error in the "mshtml.dll" module when handling a specific Time behavior, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.
cba9bea32ea67c8da60c966ebfc113a9ade45175f2c308da67602f022e70e159
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed