seeing is believing
Showing 1 - 8 of 8 RSS Feed

Files Date: 2016-08-28

Keeper UI Injection
Posted Aug 28, 2016
Authored by Tavis Ormandy, Google Security Research

Keeper suffers from an issue where a trusted UI is injected into an untrusted webpage.

tags | exploit
MD5 | 094f53c1f2d3b75115d565669dfaa9d0
Adobe Flash MovieClip Transform Use-After-Free
Posted Aug 28, 2016
Authored by Google Security Research, natashenka

There is a use-after-free in the Adobe Flash MovieClip Transform getter. If the Transform constructor is replaced with a getter using addProperty, this getter can free the MovieClip before it is accessed.

tags | exploit
advisories | CVE-2016-4230
MD5 | 88c67984269b11df2a7f86bd27999365
Adobe Flash BitmapData.copyPixels Use-After-Free
Posted Aug 28, 2016
Authored by Google Security Research, natashenka

There is a use-after-free in Adobe Flash BitmapData.copyPixels. If the method is called on a MovieClip, and the MovieClip is deleted during parameter conversions, it is used to convert future parameters, even though it has already been freed.

tags | exploit
advisories | CVE-2016-4229
MD5 | 705d36868dd6a1f8f690cc7befad109f
Adobe Flash Rectangle Return Use-After-Free
Posted Aug 28, 2016
Authored by Google Security Research, natashenka

Several methods in Adobe Flash return instances of the Rectangle class. There is a use-after-free in creating these objects for return. If the this object of the call is a MovieClip, the Rectangle instantiation will run on its thread. If a getter is added to this class's package, it will be invoked when fetching the rectangle constructor, which can free the method's thread, which will cause the Rectangle constructor to run on a thread which has been freed.

tags | exploit
advisories | CVE-2016-4228
MD5 | e2cf11adf7aa45c573e006bbe0212688
Adobe Flash Selection.setFocus Use-After-Free
Posted Aug 28, 2016
Authored by Google Security Research, natashenka

There is a use-after-free in Adobe Flash Selection.setFocus. It is a static method, but if it is called with a this object, it will be called on that object's thread. Then, if it calls into script, for example, by calling toString on the string parameter, the object, and its thread will be deleted, and a use-after-free occurs.

tags | exploit
advisories | CVE-2016-4227
MD5 | 58059d96bdc85213e3cf12fdec4e52b3
Adobe Flash Stage.align Use-After-Free
Posted Aug 28, 2016
Authored by Google Security Research, natashenka

There is a use-after-free in the Adobe Flash Stage.align property setter. When the setter is called, the parameter is converted to a string early, as a part of the new use-after-free prevention changes. This conversion can invoke script, which if the this object is a MovieClip, can delete the object, deleting the thread the call is made from, which can lead to a use-after-free.

tags | exploit
advisories | CVE-2016-4226
MD5 | fc8d83928f444c78ec6b24e2c1a2be3d
Stegano 0.6.1
Posted Aug 28, 2016
Authored by Cedric Bonhomme | Site github.com

Stegano is a basic Python Steganography module. Stegano implements two methods of hiding: using the red portion of a pixel to hide ASCII messages, and using the Least Significant Bit (LSB) technique. It is possible to use a more advanced LSB method based on integers sets. The sets (Sieve of Eratosthenes, Fermat, Carmichael numbers, etc.) are used to select the pixels used to hide the information.

Changes: Reorganization of the steganalysis sub-module.
tags | tool, encryption, steganography, python
systems | unix
MD5 | fc1bf07c349e8e9e060d889db34699c3
OATH Toolkit 2.6.2
Posted Aug 28, 2016
Site nongnu.org

OATH Toolkit attempts to collect several tools that are useful when deploying technologies related to OATH, such as HOTP one-time passwords. It is a fork of the earlier HOTP Toolkit.

Changes: Updated documentation and made various improvements.
tags | tool
systems | unix
MD5 | 4a05cd4768764843bd5493609a6bdb17
Page 1 of 1
Back1Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    0 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close