what you don't know can hurt you
Showing 1 - 25 of 37 RSS Feed

Files Date: 2016-03-22

OS X Kernel AppleUSBPipe::Abort Missing Bounds Checking
Posted Mar 22, 2016
Authored by Google Security Research, ianbeer

Mac OS X kernel suffers from a code execution vulnerability due to a lack of bounds checking in AppleUSBPipe::Abort.

tags | exploit, kernel, code execution
systems | linux, apple, osx
advisories | CVE-2016-1749
SHA-256 | 143c8edb082144d486e1c248032995f02f0e99555d57358b3a070cca59501529
Adobe Flash Zlib Codec Heap Overflow
Posted Mar 22, 2016
Authored by Google Security Research, natashenka

Adobe Flash has a heap overflow vulnerability in the Zlib codecs when playing flv files.

tags | exploit, overflow
systems | linux
advisories | CVE-2016-1001
SHA-256 | 08105a5eab48b0c73b46d78b3dac94e27c8f4057fb00f1f9ce4ea6fafd037bdb
Adobe Flash Sprite Creation Use-After-Free
Posted Mar 22, 2016
Authored by Google Security Research, natashenka

There is a use-after-free in Sprite Creation. If a Sprite is created, and then the handler for the frameConstructed event triggers a remove object action, the Sprite is then used after it has been freed.

tags | exploit
systems | linux
advisories | CVE-2016-1000
SHA-256 | c39ed19e599f2e87429baaa1420ef1c22c03fa613b8ce27ef51b01a165eed4b8
Adobe Flash AsBroadcaster.broadcastMessage Uninitialized Stack Parameter Access
Posted Mar 22, 2016
Authored by Google Security Research, natashenka

The ActionScript parameter conversion in the fix for an issue in the December Flash bulletin APSB15-32 can sometimes access a parameter on the native stack that is uninitialized.

tags | exploit
systems | linux
advisories | CVE-2016-0999
SHA-256 | 982e087bae1ff3d75902f159298bed43a1c32bb041ce513c46a96da67786a262
Adobe Flash Object.unwatch Uninitialized Stack Parameter Access
Posted Mar 22, 2016
Authored by Google Security Research, natashenka

The ActionScript parameter conversion in the fix for an issue in the December Flash bulletin APSB15-32 can sometimes access a parameter on the native stack that is uninitialized.

tags | exploit
systems | linux
advisories | CVE-2016-0998
SHA-256 | fca666e43ec07be074a4810a7671db92ce36a0d756afde739005726379118d6f
Adobe Flash MovieClip.swapDepth Uninitialized Stack Parameter Access
Posted Mar 22, 2016
Authored by Google Security Research, natashenka

The ActionScript parameter conversion in the fix for Google Security Research issue 403 can sometimes access a parameter on the native stack that is uninitialized.

tags | exploit
systems | linux
advisories | CVE-2016-0997
SHA-256 | ccc716718377c7f69a2d68eb3c1540336084d2a28e046619c48fea014951002e
OS X Kernel AppleKeyStore Use-After-Free
Posted Mar 22, 2016
Authored by Google Security Research, ianbeer

The AppleKeyStore userclient uses an IOCommandGate to serialize access to its userclient methods, however by racing two threads, one of which closes the userclient (which frees the IOCommandGate) and one of which tries to make an external method call we can cause a use-after-free of the IOCommandGate.

tags | exploit
systems | linux
advisories | CVE-2016-1755
SHA-256 | 1db8ce601471ad3e19f7c84c23572709a3952990a28f5b5d130277dfb0f639dc
OS X Kernel Nvidia Driver Unchecked Array Index
Posted Mar 22, 2016
Authored by Google Security Research, ianbeer

Mac OS X kernel has an issue where an unchecked array index can be used to read an object pointer then call a virtual method in the Nvidia GEForce driver.

tags | exploit, kernel
systems | linux, apple, osx
advisories | CVE-2016-1741
SHA-256 | 8f940c5ed303d010b19d9f30337e7546f4aff5203b1fbca11bcbe729635d754b
OS X Kernel Use-After-Free / Double Delete
Posted Mar 22, 2016
Authored by Google Security Research, ianbeer

The Mac OS X kernel suffers from use-after-free and double delete issues due to incorrect locking in the Intel GPU driver.

tags | exploit, kernel
systems | linux, apple, osx
advisories | CVE-2016-1744
SHA-256 | ca15dbb2b908cc1bd1b9e630c704f934d111095bea1cb1c8e14eacb07227a2e0
Adobe Flash setInterval Use-After-Free
Posted Mar 22, 2016
Authored by Google Security Research, natashenka

There is a use-after-free in setInterval. If the interval length is an object with valueOf defined, this method gets executed, and can delete the object the interval is being set on.

tags | exploit
systems | linux
advisories | CVE-2016-0988
SHA-256 | cc2adc9a2940710a875fafa69fdae84c7e355762d1060554d76af5275b287193
Adobe Flash Sound.setTransform Use-After-Free
Posted Mar 22, 2016
Authored by Google Security Research, natashenka

There is a use-after-free in Sound.setTransform similar to the one described in CVE-2015-8434. If the transform object provided is an integer primitive, and the Number constructor is overwritten, this constructor will be executed and can free the internal sound transform, which is then written to.

tags | exploit
systems | linux
advisories | CVE-2015-8434, CVE-2016-0987
SHA-256 | 9cf5ceec9d1b8789d8ae0b14a3c45b7fe4d93c657668793da9239af45b02f16d
OS X / iOS Suid Binary Logic Error Code Execution
Posted Mar 22, 2016
Authored by Google Security Research, ianbeer

The code responsible for loading a suid-binary following a call to the execve syscall invalidates the task port after first swapping the new vm_map into the old task object leaving a short race window where we can manipulate the memory of the euid(0) process before the old task port is destroyed.

tags | exploit
systems | linux
advisories | CVE-2016-1757
SHA-256 | 6be58b3f0fc092cb166e20a9e2e0ef99de307b957f1541a6ea0dd7a8f7ca8531
Adobe Flash Shape Rendering Crash
Posted Mar 22, 2016
Authored by Google Security Research, natashenka

An included fuzzing case demonstrates a crash in Adobe Flash shape rendering.

tags | exploit
systems | linux
advisories | CVE-2016-1002
SHA-256 | efc9af51bcd69cfee5ecf9979add44fc4891f75646247fc53ec96acdedf5bccb
Apple Security Advisory 2016-03-21-7
Posted Mar 22, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-03-21-7 - OS X Server 5.1 is now available and addresses RC4 crypto weaknesses, file access, and information disclosure vulnerabilities.

tags | advisory, crypto, vulnerability, info disclosure
systems | apple, osx
advisories | CVE-2016-1774, CVE-2016-1776, CVE-2016-1777, CVE-2016-1787
SHA-256 | 3f5b87490fc0b888969c59aa3c86769bc4e48285372026935f48a72f9f313a9a
Apple Security Advisory 2016-03-21-6
Posted Mar 22, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-03-21-6 - Safari 9.1 is now available and addresses code execution, interface spoofing, denial of service, and various other vulnerabilities.

tags | advisory, denial of service, spoof, vulnerability, code execution
systems | apple
advisories | CVE-2009-2197, CVE-2016-1762, CVE-2016-1771, CVE-2016-1772, CVE-2016-1778, CVE-2016-1779, CVE-2016-1781, CVE-2016-1782, CVE-2016-1783, CVE-2016-1784, CVE-2016-1785, CVE-2016-1786
SHA-256 | a8eb642d04c965e996635f15999f220f4f3fa6eb33970813cc774fc9032a8db0
Apple Security Advisory 2016-03-21-5
Posted Mar 22, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-03-21-5 - OS X El Capitan 10.11.4 and Security Update 2016-002 is now available and addresses code execution, memory corruption, and various other vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, osx
advisories | CVE-2014-9495, CVE-2015-0973, CVE-2015-1819, CVE-2015-3195, CVE-2015-5312, CVE-2015-5333, CVE-2015-5334, CVE-2015-7499, CVE-2015-7500, CVE-2015-7551, CVE-2015-7942, CVE-2015-8035, CVE-2015-8126, CVE-2015-8242, CVE-2015-8472, CVE-2015-8659, CVE-2016-0777, CVE-2016-0778, CVE-2016-0801, CVE-2016-0802, CVE-2016-1732, CVE-2016-1733, CVE-2016-1734, CVE-2016-1735, CVE-2016-1736, CVE-2016-1737, CVE-2016-1738, CVE-2016-1740
SHA-256 | 70ee7534060a15cce4887519635499ad26a30d4596bdf4d28ce6ea94b25fefad
Apple Security Advisory 2016-03-21-4
Posted Mar 22, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-03-21-4 - Xcode 7.3 is now available and addresses multiple code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2015-3184, CVE-2015-3187, CVE-2016-1765
SHA-256 | d45002641c3c19bee4fdec1c1a6e76827a26858fe07d85b7bd61d992c80bdafa
Apple Security Advisory 2016-03-21-3
Posted Mar 22, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-03-21-3 - tvOS 9.2 is now available and addresses code execution, memory corruption, and various other vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2015-1819, CVE-2015-5312, CVE-2015-7499, CVE-2015-7500, CVE-2015-7942, CVE-2015-8035, CVE-2015-8242, CVE-2015-8659, CVE-2016-0801, CVE-2016-0802, CVE-2016-1740, CVE-2016-1748, CVE-2016-1750, CVE-2016-1751, CVE-2016-1752, CVE-2016-1753, CVE-2016-1754, CVE-2016-1755, CVE-2016-1762, CVE-2016-1775, CVE-2016-1783, CVE-2016-1784, CVE-2016-1950
SHA-256 | 576bf88cd8411520d0b41a89dc0b71a608a7bbddb1b15581478a9131071d23ca
Apple Security Advisory 2016-03-21-2
Posted Mar 22, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-03-21-2 - watchOS 2.2 is now available and addresses memory corruption, code execution, and various other vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2015-1819, CVE-2015-5312, CVE-2015-7499, CVE-2015-7500, CVE-2015-7942, CVE-2015-7995, CVE-2015-8035, CVE-2015-8242, CVE-2015-8659, CVE-2016-0801, CVE-2016-0802, CVE-2016-1717, CVE-2016-1719, CVE-2016-1720, CVE-2016-1721, CVE-2016-1722, CVE-2016-1723, CVE-2016-1724, CVE-2016-1725, CVE-2016-1726, CVE-2016-1727, CVE-2016-1740, CVE-2016-1748, CVE-2016-1750, CVE-2016-1751, CVE-2016-1752, CVE-2016-1753, CVE-2016-1754
SHA-256 | e000b4344c6260c49d4654cae8607aac1e384c8404017451ab845c90b408cea7
Apple Security Advisory 2016-03-21-1
Posted Mar 22, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-03-21-1 - iOS 9.3 is now available and addresses code execution, memory corruption, and various other vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, ios
advisories | CVE-2015-1819, CVE-2015-5312, CVE-2015-7499, CVE-2015-7500, CVE-2015-7942, CVE-2015-8035, CVE-2015-8242, CVE-2015-8659, CVE-2016-0801, CVE-2016-0802, CVE-2016-1734, CVE-2016-1740, CVE-2016-1748, CVE-2016-1750, CVE-2016-1751, CVE-2016-1752, CVE-2016-1753, CVE-2016-1754, CVE-2016-1755, CVE-2016-1756, CVE-2016-1757, CVE-2016-1758, CVE-2016-1760, CVE-2016-1761, CVE-2016-1762, CVE-2016-1763, CVE-2016-1766, CVE-2016-1775
SHA-256 | d014002b8661b674441b269148e4a0b977e33ca0eab871429b9557c64d61cff3
Securimage 3.6.2 Cross Site Scripting
Posted Mar 22, 2016
Site redteam-pentesting.de

Securimage version 3.6.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | cef5c2470c562793c29df7022f016d538fa8aecde6d8f3749e5047f3dfdb89ee
WordPress HB Audio Gallery Lite 1.0.0 Arbitrary File Download
Posted Mar 22, 2016
Authored by CrashBandicot

WordPress HB Audio Gallery Lite plugin version 1.0.0 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
SHA-256 | 56a6cc400f6bf87cdcab4b117e69833f99576b61f0f4dfc5d6693a04f1f226ed
Adobe Flash Wild Write Crash
Posted Mar 22, 2016
Authored by Chris Evans, Google Security Research

Adobe Flash suffers from a wild write at 0x453b0cf0 in color conversion that causes a crash.

tags | exploit
systems | linux
advisories | CVE-2015-5575
SHA-256 | 051621ef0094ab8b55b05d6b364d50f6b9948eb005475d56a5738771d2f6685f
Adobe Flash Content Information Leak
Posted Mar 22, 2016
Authored by Chris Evans, Google Security Research

Adobe Flash suffers from an information leak that may render non-deterministic content that apparently contains pointers.

tags | exploit
systems | linux
advisories | CVE-2015-5576
SHA-256 | 41c6dbb42e26cd157241d1aeb71129cad02abd56098cd0be0d24a4218914f04d
Adobe Flash AAC Audio Handling Out-Of-Bounds Read
Posted Mar 22, 2016
Authored by Chris Evans, Google Security Research

Adobe Flash suffers from an out-of-bounds read in AAC audio handling.

tags | exploit
systems | linux
advisories | CVE-2015-5577
SHA-256 | 4bcaa997a98d2899f0ece2d75dffe49e567d8dc983b849e3e2064ea6b326e3c7
Page 1 of 2
Back12Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    6 Files
  • 24
    May 24th
    19 Files
  • 25
    May 25th
    5 Files
  • 26
    May 26th
    12 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close