the original cloud security
Showing 1 - 25 of 115 RSS Feed

Files from VUPEN

Email addressadvisories at vupen.com
First Active2010-10-15
Last Active2014-07-16
Microsoft Windows DirectShow Privilege Escalation
Posted Jul 16, 2014
Authored by VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an input validation error in DirectShow when processing and unserializing "Stretch" objects in memory, which could be exploited to elevate privileges and execute arbitrary code in the context of the logged on user, or e.g. bypass Internet Explorer's Enhanced Protected Mode (EPM) sandbox.

tags | advisory, arbitrary
systems | windows
advisories | CVE-2014-2780
MD5 | 07774f23b79568309043a6f2ae0e7af7
Microsoft Internet Explorer ShowSaveFileDialog() Sandbox Bypass
Posted Jul 16, 2014
Authored by VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused due to an invalid handling of a sequence of actions aimed to save a file when calling "ShowSaveFileDialog()", which could be exploited by a sandboxed process to write files to arbitrary locations on the system and bypass IE Protected Mode sandbox. Versions 8, 9, 10, and 11 are affected.

tags | advisory, arbitrary, bypass
advisories | CVE-2014-2777
MD5 | f7525fc447e886eca4d40ed810bafdea
Microsoft Internet Explorer Request Object Confusion Sandbox Bypass
Posted Jul 16, 2014
Authored by VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by an object confusion vulnerability when processing object types within data shared between the broker and sandboxed processes, which could be exploited by a sandboxed process to achieve code execution within the broker context and bypass IE Protected Mode sandbox. Versions 8, 9, 10, and 11 are affected.

tags | advisory, code execution, bypass
advisories | CVE-2014-1764
MD5 | f7539b4829320da6caad27632a3aeb1c
Microsoft Internet Explorer CSS @import Memory Corruption
Posted Jul 16, 2014
Authored by VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free vulnerability when manipulating CSS @import statements through "addImport()" or "removeImport()", which could be exploited by attackers to leak arbitrary memory or execute arbitrary code via a malicious web page. Versions 9, 10, and 11 are affected.

tags | advisory, web, arbitrary
advisories | CVE-2014-1763
MD5 | 34933e560d806734691cf2aedb3dd98d
Adobe Acrobat / Reader XI-X AcroBroker Sandbox Bypass
Posted Jun 3, 2014
Authored by VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by an input validation error in the "AcroBroker.exe" component when processing local file paths, which could be exploited by attackers to write malicious files to any location on the disk and bypass Adobe Acrobat's sandbox.

tags | advisory, local, bypass
advisories | CVE-2014-0512
MD5 | 8c08123f00fb95da54b9400d0a825e18
Adobe Acrobat / Reader Heap Overflow
Posted May 27, 2014
Authored by VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing the "width" and "height" fields of a barcode element in a PDF, which could be exploited to execute arbitrary code via a malicious PDF file.

tags | advisory, overflow, arbitrary
advisories | CVE-2014-0511
MD5 | 388d9faee196aeed47e40a2d6a79d618
Adobe Flash ExternalInterface Use-After-Free
Posted Apr 15, 2014
Authored by VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash. The vulnerability is caused by a use-after-free error when interacting with the "ExternalInterface" class from the browser, which could be exploited to achieve code execution via a malicious web page. Adobe Flash versions prior to 13.0.0.182 are affected.

tags | advisory, web, code execution
MD5 | 103abbecc4e6efd527a553e720b330e3
Mozilla Firefox "BumpChunk" Object Processing Use-After-Free
Posted Mar 26, 2014
Authored by VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Mozilla Firefox. The vulnerability is caused by a use-after-free error in the JS engine when processing "BumpChunk" objects while the browser is under a memory pressure, which could be exploited to leak arbitrary memory and/or achieve code execution via a malicious web page. Affected include Mozilla Firefox versions prior to 28, Mozilla Firefox ESR versions prior to 24.4, Mozilla Thunderbird versions prior to 24.4, and Mozilla Seamonkey versions prior to 2.25.

tags | advisory, web, arbitrary, code execution
MD5 | 9f39e74d2748e7358b279b58ea05fa2f
Google Chrome Clipboard Format Processing Sandbox Escape
Posted Mar 26, 2014
Authored by VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Google Chrome. The vulnerability is caused by an input validation error within the "Clipboard::WriteData()" function that does not restrict the value of the "format" parameter, which could be exploited to escape Chrome's sandbox and achieve code execution with Medium integrity level. Google Chrome versions prior to 33.0.1750.154 are affected.

tags | advisory, code execution
MD5 | a4449b41974b34e76414173af4675f6e
Google Chrome Blink "locationAttributeSetter" Use-After-Free
Posted Mar 26, 2014
Authored by VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Google Chrome. The vulnerability is caused by a use-after-free error within the "DocumentV8Internal::locationAttributeSetter()" function when processing "document.location" objects under certain conditions, which could be exploited to leak arbitrary memory and/or achieve code execution via a specially crafted web page. Google Chrome versions prior to 33.0.1750.154 are affected.

tags | advisory, web, arbitrary, code execution
MD5 | 0c1a7696451266e145c8ac900c931aff
Microsoft Internet Explorer Protected Mode Sandbox Bypass
Posted Aug 30, 2013
Authored by VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a memory corruption error in the IE broker process when copying certain data, which could be exploited by remote attackers to bypass IE Protected Mode sandbox and execute arbitrary code with Medium integrity permissions.

tags | advisory, remote, arbitrary
MD5 | b4cd495fe88af28f76b0dc4dd627d0ef
Microsoft Internet Explorer "ReplaceAdjacentText" Use-After-Free
Posted Aug 30, 2013
Authored by Alexandre Pelletier, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the MSHTML "SlayoutRun::GetCharacters()" function when replacing a text adjacent to an element, which could be exploited by remote attackers to compromise a vulnerable system.

tags | advisory, remote
MD5 | 8c4344194f6ec36ff3585d9f6be72702
Microsoft Windows "LdrHotPatchRoutine" Remote ASLR Bypass
Posted Aug 30, 2013
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a design error in the "ntdll.LdrHotPatchRoutine" function which can be abused to load an arbitrary library e.g. from a remote network share, leading to arbitrary code execution and ASLR bypass.

tags | advisory, remote, arbitrary, code execution, bypass
systems | windows
MD5 | 6442e7981c8d7e1d2975931b3757391d
Microsoft Internet Explorer 10-9 Object Confusion Sandbox Bypass
Posted May 23, 2013
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by an object confusion error in the IE broker process when processing unexpected variant objects, which could allow an attacker to execute arbitrary code within the context of the broker process to bypass Internet Explorer Protected Mode sandbox.

tags | advisory, arbitrary, code execution
systems | windows
MD5 | e2932b7fcafb7bc1a83b847ee7f48ff5
Microsoft Internet Explorer 10-9-8-7-6 VML Remote Integer Overflow
Posted May 23, 2013
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by an integer overflow error in the "vml.dll" component when processing certain undocumented vector graphic properties, which could be exploited by remote attackers to leak arbitrary memory and compromise a vulnerable system via a malicious web page.

tags | advisory, remote, web, overflow, arbitrary
systems | windows
advisories | CVE-2013-2551
MD5 | e10a66817c351a3e7948e3f8a7b23b58
Microsoft Internet Explorer 10-9-8-7-6 CDisplayPointer Use-After-Free
Posted May 3, 2013
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "CDisplayPointer::MoveToMarkupPointer()" function within mshtml.dll when processing "CDisplayPointer" objects, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.

tags | advisory, remote, web
MD5 | 86b53a7542311e58f1fa1b999e6ff4dc
Microsoft Internet Explorer 10-9-8-7-6 Scroll Use-After-Free
Posted May 3, 2013
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "CWindow::scroll()" function within mshtml.dll when processing specially crafted "Scroll" events, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.

tags | advisory, remote, web
MD5 | cee6bf6e07bca962189740829a2856f2
Adobe Flash Player Code Execution
Posted Apr 19, 2013
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by an object confusion error when processing malformed Real Time Messaging Protocol (RTMP) data received during the initial phase of communication with a server, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page. Adobe Flash Player versions prior to 11.7.700.169 are affected.

tags | advisory, remote, web, protocol
advisories | CVE-2013-2555
MD5 | 528f63f34436a85bc7304af9f6091a07
Microsoft Internet Explorer 10-9-8-7-6 OnMove Use-After-Free
Posted Mar 20, 2013
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the MSHTML "CElement::EnsureRecalcNotify()" function when processing "onMove" events, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.

tags | advisory, remote, web
advisories | CVE-2013-0087
MD5 | 4087513b3b33996112f927603b70f3d6
Microsoft Internet Explorer 10-9-8-7-6 OnResize Use-After-Free
Posted Mar 20, 2013
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error within the MSHTML "CElement::EnsureRecalcNotify()" function when processing "onResize" events, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.

tags | advisory, remote, web
advisories | CVE-2013-0087
MD5 | eccb02d789cd9a8a3692fc05de00c7bb
Mozilla Firefox nsHTMLEditRules Use-After-Free
Posted Mar 19, 2013
Authored by Nicolas Joly, Chaouki Bekrar, VUPEN, Jordan Gruskovnjak | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Mozilla Firefox. The vulnerability is caused by a use-after-free error within the XUL "nsHTMLEditRules::nsHTMLEditRules()" function when processing certain objects, which could be exploited by remote attackers to compromise a vulnerable system via a malicious web page.

tags | advisory, remote, web
advisories | CVE-2013-0787
MD5 | 27fb8bbd84648b8c2ce27c263b7ca54d
Microsoft Windows OLE Automation Remote Code Execution
Posted Feb 26, 2013
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the "SysAllocStringLen()" function within the "Oleaut32.dll" (Object Linking and Embedding Automation) library, which could allow remote attackers to execute arbitrary code via a specially crafted web page or Office document.

tags | advisory, remote, web, overflow, arbitrary
systems | windows
MD5 | 283b0bcfcdbdbdb90253fe5d10c11043
Mozilla Firefox "imgRequestProxy" Class Remote Use-After-Free
Posted Nov 30, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Mozilla Firefox. The vulnerability is caused by a use-after-free error within the "imgRequestProxy::OnStopRequest()" function, which could allow remote attackers to execute arbitrary code via a specially crafted web page.

tags | advisory, remote, web, arbitrary
MD5 | 883db1fa9cce75266023399dd2ef60f2
Mozilla Firefox "DocumentViewerImpl" Class Remote Use-After-Free
Posted Nov 26, 2012
Authored by VUPEN, Jordan Gruskovnjak | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Mozilla Firefox. The vulnerability is caused by a use-after-free error within the "DocumentViewerImpl::Show()" function, which could allow remote attackers to execute arbitrary code via a specially crafted web page.

tags | advisory, remote, web, arbitrary
MD5 | 2f17c9dabd5b77d3d92376f7ab61831b
Oracle Java Font Processing Glyph Element Memory Corruption
Posted Oct 25, 2012
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team has discovered a critical vulnerability in Oracle Java. Versions JRE / JDK 7u7 and below are affected. The vulnerability is caused by a memory corruption error within the "t2k.dll" component when processing certain glyph elements within a Font file, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.

tags | advisory, java, remote, web
MD5 | eb5681c8f67ee20467f1ef395d71bcef
Page 1 of 5
Back12345Next

File Archive:

July 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    2 Files
  • 2
    Jul 2nd
    3 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    4 Files
  • 5
    Jul 5th
    15 Files
  • 6
    Jul 6th
    15 Files
  • 7
    Jul 7th
    10 Files
  • 8
    Jul 8th
    2 Files
  • 9
    Jul 9th
    10 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    15 Files
  • 12
    Jul 12th
    19 Files
  • 13
    Jul 13th
    16 Files
  • 14
    Jul 14th
    15 Files
  • 15
    Jul 15th
    3 Files
  • 16
    Jul 16th
    2 Files
  • 17
    Jul 17th
    8 Files
  • 18
    Jul 18th
    11 Files
  • 19
    Jul 19th
    15 Files
  • 20
    Jul 20th
    15 Files
  • 21
    Jul 21st
    15 Files
  • 22
    Jul 22nd
    7 Files
  • 23
    Jul 23rd
    2 Files
  • 24
    Jul 24th
    19 Files
  • 25
    Jul 25th
    28 Files
  • 26
    Jul 26th
    2 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close