what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 87 RSS Feed

Files from Nicolas Joly

First Active2009-10-17
Last Active2015-05-01
Microsoft Windows "datime.dll" Remote Code Execution
Posted Dec 19, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Windows. The vulnerability is caused by a use-after-free error in the TIME (datime.dll) module when loaded via a specific behavior, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.

tags | advisory, remote, web
systems | windows
SHA-256 | 363771ff8fedc0e7c3eb4df5ff9a4fe0bc4f64c4b34e44157b5e85bbbd053e8e
Adobe Flash Player "SAlign" Memory Corruption
Posted Dec 19, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Adobe Flash Player. The vulnerability is caused by an uninitialized stack variable when processing an invalid "SAlign" property of the Flash ActiveX control, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page. Versions prior to 11.1.102.55 are affected.

tags | advisory, remote, web, activex
advisories | CVE-2011-2459
SHA-256 | 10561391d54ae2a2a00c408b11bdbca9246b41da1060d29b93367e7f6c836d46
MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow
Posted Nov 23, 2011
Authored by Nicolas Joly, Shahin, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability found in Excel 2002 of Microsoft Office XP. By supplying a .xls file with a malformed OBJ (recType 0x5D) record an attacker can get the control of the execution flow. This results arbitrary code execution under the context of the user.

tags | exploit, arbitrary, code execution
advisories | CVE-2010-0822, OSVDB-65236
SHA-256 | acb25995e86f5b15f194ac0612879eb48ebd91be3aa622b8ed431f01c711cbdd
Microsoft Internet Explorer X-UA-COMPATIBLE Use-After-Free
Posted Oct 21, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "mshtml.dll" component when processing the "X-UA-COMPATIBLE" keyword of a "META" tag, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.

tags | advisory, remote, web
SHA-256 | 48c8c110e7a16caf9bec75c333999b1e5148e63511b0674e0649301d7dfb1252
Microsoft Office Excel Formula Record Heap Corruption
Posted Sep 19, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a heap corruption error when processing malformed Formula records within an Excel document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted XLS document.

tags | advisory
SHA-256 | fea05647dde36d6873e65a4a370929a4399740a72e46e76f9aa3a5901033bd1f
Adobe Acrobat / Reader BMP Dimensions Heap Overflow
Posted Sep 14, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed BMP data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.

tags | advisory, overflow
SHA-256 | ec1e544d4bc46b70a53f70b750297c806bc34953226e435c1cb63dc94f5ab888
Adobe Acrobat / Reader IFF Processing Heap Overflow
Posted Sep 14, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed IFF data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.

tags | advisory, overflow
SHA-256 | 5fb97c8c1204aa3b8013ee8b94958c995a3ed2f749e599c67bd76aa36f7e01cb
Adobe Acrobat / Reader PCX Processing Heap Overflow
Posted Sep 14, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed PCX data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.

tags | advisory, overflow
SHA-256 | b1ba18f240b0fc7ab7cbc3817b3c949894e5a9a8549bbf6fc8cc226b4f78f497
Adobe Acrobat / Reader Picture Processing Stack Overflow
Posted Sep 14, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a stack overflow error when processing a malformed picture within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.

tags | advisory, overflow
SHA-256 | 3db1febf32ab77cc17ebcd7c9b80069c45e57860fe630d2d2dd0f8123ffdd44b
Adobe Acrobat / Reader Picture Dimensions Heap Overflow
Posted Sep 14, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing a picture file with malformed dimensions, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF document.

tags | advisory, overflow
SHA-256 | 837ea15f51f8c653c8bc8201a780499c8e1592e20f9dbba46a5b7260bd924b43
Adobe Acrobat / Reader TIFF BitsPerSample Heap Overflow
Posted Sep 14, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing a malformed "BitsPerSample" field of a TIFF image, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF document.

tags | advisory, overflow
SHA-256 | 7ce131d21eca659ae6009e41e847bfa961c8330c5d51752a35eb2562fe1bb645
GDI+ CreateDashedPath Integer Overflow
Posted Jul 19, 2011
Authored by Abysssec, Nicolas Joly | Site abysssec.com

GDI+ CreateDashedPath suffers from an integer overflow vulnerability in gdiplus.dll.

tags | exploit, overflow
systems | linux
advisories | CVE-2011-0041
SHA-256 | e20fc836323223dccecb7e77feedfe083e650997e1791ba72b7c3bf909266bad
Microsoft Windows OLE Automation Integer Underflow
Posted Jun 18, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer underflow error in the Object Linking and Embedding (OLE) Automation component when processing malformed Windows Metafile (WMF) data via the "_PictLoadMetaFileRaw()" function, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.

tags | advisory, remote, web
systems | windows
advisories | CVE-2011-0658
SHA-256 | 0bcbe6ddf0f6d9f9565bd58d17901ffc57ad45dde4e3569f63328534b3f27176
Microsoft Office Excel Real Time Data Stack Overwrite
Posted Apr 15, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a stack overwrite error when parsing the RTD RealTimeData record (0813h), which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted Excel document.

tags | advisory
advisories | CVE-2011-0105
SHA-256 | eb83b04f992840bb6eff2e981e45c08f92921571c592f54407896f0ebe817d1c
Microsoft Internet Explorer Property Change Memory Corruption
Posted Apr 15, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "CObjectElement::OnPropertyChange()" function within the MSHTML library when handling objects, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 6, 7, and 8 are affected.

tags | advisory, remote, web
advisories | CVE-2011-1345
SHA-256 | 59606c9acd8d8332ddbbdbeff4cd06911f15ac789a3a6ee075f3c52dff906ea9
Microsoft Internet Explorer Layouts Use-After-Free
Posted Apr 15, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "CSpliceTreeEngine::InsertSplice()" function within the MSHTML library when handling layouts, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 6 and 7 are affected.

tags | advisory, remote, web
advisories | CVE-2011-0094
SHA-256 | b8d96323c4a211ae41bedf90189a3872ffab299ee06c72ee8c21def85c12f670
Microsoft Windows GDI+ Size Handling Integer Overflow
Posted Apr 14, 2011
Authored by Nicolas Joly, Chaouki Bekrar, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the GDI+ library when parsing certain values within a EMF image file, which could be exploited by attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.

tags | advisory, web, overflow
systems | windows
SHA-256 | e9d976818013ca305eba57812572521d3237061c36f4c3f3f638dc81c1690983
Microsoft Office MSO Size Handling Integer Overflow
Posted Apr 14, 2011
Authored by Nicolas Joly, Chaouki Bekrar, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office. The vulnerability is caused by an integer overflow error in the MSO component when parsing certain values within an Office document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a malformed Office file (e.g. Word). Microsoft Office XP Service Pack 3 is affected.

tags | advisory, overflow
SHA-256 | 2d2ef1ad1bdc1ee43e992f908da55b1ea19d51d2bcabcf4e211f64a913e1e003
Microsoft Windows Shell Graphics biCompression Buffer Overflow
Posted Feb 14, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a buffer overflow error in the Windows Shell graphics processor when parsing the "biCompression" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.

tags | advisory, remote, overflow, shell
systems | windows
SHA-256 | e45dd38c15740c3e6e5ddc9d40c8fcbd4f3bb920137a89049bbe72c5ba971917
Microsoft Windows Shell Graphics BMP "height" Integer Overflow
Posted Feb 14, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the Windows Shell graphics processor when parsing the "height" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.

tags | advisory, remote, overflow, shell
systems | windows
SHA-256 | 9a72023ae91a8044eca541def5bf1939d6dd53c305c5ed8be72523cab22c8350
Microsoft Windows Shell Graphics BMP "width" Integer Overflow
Posted Feb 14, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the Windows Shell graphics processor when parsing the "width" value within BMP images, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into opening or previewing a malformed Office file or browsing to a network share, UNC, or WebDAV location containing a specially crafted image.

tags | advisory, remote, overflow, shell
systems | windows
SHA-256 | 424e76ac6176134b9620fc780ea75da7e66aee6adb5388e91cf75fdc7beeb515
Microsoft Internet Explorer "mshtml.dll" Dangling Pointer
Posted Feb 14, 2011
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a dangling pointer in the "mshtml.dll" library when handling certain object manipulations, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a malicious web page. Internet Explorer versions 6, 7, and 8 are affected.

tags | advisory, remote, web, arbitrary
advisories | CVE-2011-0036
SHA-256 | 3ec085c704a69847706bc827f9318c129f1ec314e1cffd5e14399f41cbc973f2
Microsoft Internet Explorer Animation Use-after-free Vulnerability
Posted Dec 16, 2010
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free vulnerability when handling certain animation behaviors, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a malicious web page.

tags | advisory, remote, web, arbitrary
advisories | CVE-2010-3343
SHA-256 | 330ad2faec658aa70f9c70da1561497c7262a8b59546d2216438b7b6ffe83195
RealPlayer AAC Data Handling Buffer Overflow Vulnerability
Posted Dec 15, 2010
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in RealPlayer. The vulnerability is caused by a heap overflow error when handling malformed AAC files, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, remote, web, overflow, arbitrary
SHA-256 | 5892714bf8dcac92f1f837b80a5fe1dab9767058d8622e1e878f467c7bb64630
RealPlayer Audio Data Handling Buffer Overflow Vulnerability
Posted Dec 15, 2010
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in RealPlayer. The vulnerability is caused by a heap overflow error when handling Audio data within media files, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, remote, web, overflow, arbitrary
SHA-256 | 89b2a9aa2b9bfe058f8be7d8ae041339a47d117e92f473ae3ad518fe34dc5780
Page 2 of 4
Back1234Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close