accept no compromises
Showing 1 - 25 of 37 RSS Feed

Files Date: 2016-03-22 to 2016-03-23

OS X Kernel AppleUSBPipe::Abort Missing Bounds Checking
Posted Mar 22, 2016
Authored by Google Security Research, ianbeer

Mac OS X kernel suffers from a code execution vulnerability due to a lack of bounds checking in AppleUSBPipe::Abort.

tags | exploit, kernel, code execution
systems | linux, apple, osx
advisories | CVE-2016-1749
MD5 | bed149432923b940c127c1235d8bcd34
Adobe Flash Zlib Codec Heap Overflow
Posted Mar 22, 2016
Authored by Google Security Research, natashenka

Adobe Flash has a heap overflow vulnerability in the Zlib codecs when playing flv files.

tags | exploit, overflow
systems | linux
advisories | CVE-2016-1001
MD5 | 23ce280b247644997dad3db0b091a591
Adobe Flash Sprite Creation Use-After-Free
Posted Mar 22, 2016
Authored by Google Security Research, natashenka

There is a use-after-free in Sprite Creation. If a Sprite is created, and then the handler for the frameConstructed event triggers a remove object action, the Sprite is then used after it has been freed.

tags | exploit
systems | linux
advisories | CVE-2016-1000
MD5 | 8b29ef8ea3f9f1da2207b22bc8aefb56
Adobe Flash AsBroadcaster.broadcastMessage Uninitialized Stack Parameter Access
Posted Mar 22, 2016
Authored by Google Security Research, natashenka

The ActionScript parameter conversion in the fix for an issue in the December Flash bulletin APSB15-32 can sometimes access a parameter on the native stack that is uninitialized.

tags | exploit
systems | linux
advisories | CVE-2016-0999
MD5 | a32454e9aef967c94c0f9a97a4183e43
Adobe Flash Object.unwatch Uninitialized Stack Parameter Access
Posted Mar 22, 2016
Authored by Google Security Research, natashenka

The ActionScript parameter conversion in the fix for an issue in the December Flash bulletin APSB15-32 can sometimes access a parameter on the native stack that is uninitialized.

tags | exploit
systems | linux
advisories | CVE-2016-0998
MD5 | 826e98f7a0c00a181f903c48b39b7413
Adobe Flash MovieClip.swapDepth Uninitialized Stack Parameter Access
Posted Mar 22, 2016
Authored by Google Security Research, natashenka

The ActionScript parameter conversion in the fix for Google Security Research issue 403 can sometimes access a parameter on the native stack that is uninitialized.

tags | exploit
systems | linux
advisories | CVE-2016-0997
MD5 | d359f900d202c05abc91189cac05b4a1
OS X Kernel AppleKeyStore Use-After-Free
Posted Mar 22, 2016
Authored by Google Security Research, ianbeer

The AppleKeyStore userclient uses an IOCommandGate to serialize access to its userclient methods, however by racing two threads, one of which closes the userclient (which frees the IOCommandGate) and one of which tries to make an external method call we can cause a use-after-free of the IOCommandGate.

tags | exploit
systems | linux
advisories | CVE-2016-1755
MD5 | 28d80c38ca1c4a122d94f26bd1b48d9e
OS X Kernel Nvidia Driver Unchecked Array Index
Posted Mar 22, 2016
Authored by Google Security Research, ianbeer

Mac OS X kernel has an issue where an unchecked array index can be used to read an object pointer then call a virtual method in the Nvidia GEForce driver.

tags | exploit, kernel
systems | linux, apple, osx
advisories | CVE-2016-1741
MD5 | a47e6c7658312f6b320a70c4c60eab37
OS X Kernel Use-After-Free / Double Delete
Posted Mar 22, 2016
Authored by Google Security Research, ianbeer

The Mac OS X kernel suffers from use-after-free and double delete issues due to incorrect locking in the Intel GPU driver.

tags | exploit, kernel
systems | linux, apple, osx
advisories | CVE-2016-1744
MD5 | 0fa2674827e519c2c3e1d71a56b5d833
Adobe Flash setInterval Use-After-Free
Posted Mar 22, 2016
Authored by Google Security Research, natashenka

There is a use-after-free in setInterval. If the interval length is an object with valueOf defined, this method gets executed, and can delete the object the interval is being set on.

tags | exploit
systems | linux
advisories | CVE-2016-0988
MD5 | da5504b69723dbd48252bbd5dde3b042
Adobe Flash Sound.setTransform Use-After-Free
Posted Mar 22, 2016
Authored by Google Security Research, natashenka

There is a use-after-free in Sound.setTransform similar to the one described in CVE-2015-8434. If the transform object provided is an integer primitive, and the Number constructor is overwritten, this constructor will be executed and can free the internal sound transform, which is then written to.

tags | exploit
systems | linux
advisories | CVE-2015-8434, CVE-2016-0987
MD5 | 5d7bb30d90f6e491628579582874a269
OS X / iOS Suid Binary Logic Error Code Execution
Posted Mar 22, 2016
Authored by Google Security Research, ianbeer

The code responsible for loading a suid-binary following a call to the execve syscall invalidates the task port after first swapping the new vm_map into the old task object leaving a short race window where we can manipulate the memory of the euid(0) process before the old task port is destroyed.

tags | exploit
systems | linux
advisories | CVE-2016-1757
MD5 | 58c8a1c7d992ae37e0572d86f40f5412
Adobe Flash Shape Rendering Crash
Posted Mar 22, 2016
Authored by Google Security Research, natashenka

An included fuzzing case demonstrates a crash in Adobe Flash shape rendering.

tags | exploit
systems | linux
advisories | CVE-2016-1002
MD5 | 2aa8029ce9ab5b8d45760e44227443ec
Apple Security Advisory 2016-03-21-7
Posted Mar 22, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-03-21-7 - OS X Server 5.1 is now available and addresses RC4 crypto weaknesses, file access, and information disclosure vulnerabilities.

tags | advisory, crypto, vulnerability, info disclosure
systems | apple, osx
advisories | CVE-2016-1774, CVE-2016-1776, CVE-2016-1777, CVE-2016-1787
MD5 | f256c898392904a019b6cae8d63efdf2
Apple Security Advisory 2016-03-21-6
Posted Mar 22, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-03-21-6 - Safari 9.1 is now available and addresses code execution, interface spoofing, denial of service, and various other vulnerabilities.

tags | advisory, denial of service, spoof, vulnerability, code execution
systems | apple
advisories | CVE-2009-2197, CVE-2016-1762, CVE-2016-1771, CVE-2016-1772, CVE-2016-1778, CVE-2016-1779, CVE-2016-1781, CVE-2016-1782, CVE-2016-1783, CVE-2016-1784, CVE-2016-1785, CVE-2016-1786
MD5 | 9f2d4f2fae66548cf645684c44ea8d3f
Apple Security Advisory 2016-03-21-5
Posted Mar 22, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-03-21-5 - OS X El Capitan 10.11.4 and Security Update 2016-002 is now available and addresses code execution, memory corruption, and various other vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, osx
advisories | CVE-2014-9495, CVE-2015-0973, CVE-2015-1819, CVE-2015-3195, CVE-2015-5312, CVE-2015-5333, CVE-2015-5334, CVE-2015-7499, CVE-2015-7500, CVE-2015-7551, CVE-2015-7942, CVE-2015-8035, CVE-2015-8126, CVE-2015-8242, CVE-2015-8472, CVE-2015-8659, CVE-2016-0777, CVE-2016-0778, CVE-2016-0801, CVE-2016-0802, CVE-2016-1732, CVE-2016-1733, CVE-2016-1734, CVE-2016-1735, CVE-2016-1736, CVE-2016-1737, CVE-2016-1738, CVE-2016-1740
MD5 | 627ce9820a6da1e5027ea19b5f314b42
Apple Security Advisory 2016-03-21-4
Posted Mar 22, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-03-21-4 - Xcode 7.3 is now available and addresses multiple code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2015-3184, CVE-2015-3187, CVE-2016-1765
MD5 | 4ea78e38d44550786e056257730f54e1
Apple Security Advisory 2016-03-21-3
Posted Mar 22, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-03-21-3 - tvOS 9.2 is now available and addresses code execution, memory corruption, and various other vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2015-1819, CVE-2015-5312, CVE-2015-7499, CVE-2015-7500, CVE-2015-7942, CVE-2015-8035, CVE-2015-8242, CVE-2015-8659, CVE-2016-0801, CVE-2016-0802, CVE-2016-1740, CVE-2016-1748, CVE-2016-1750, CVE-2016-1751, CVE-2016-1752, CVE-2016-1753, CVE-2016-1754, CVE-2016-1755, CVE-2016-1762, CVE-2016-1775, CVE-2016-1783, CVE-2016-1784, CVE-2016-1950
MD5 | 7e9d1464c8e73a80b765ad62fe62ae79
Apple Security Advisory 2016-03-21-2
Posted Mar 22, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-03-21-2 - watchOS 2.2 is now available and addresses memory corruption, code execution, and various other vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2015-1819, CVE-2015-5312, CVE-2015-7499, CVE-2015-7500, CVE-2015-7942, CVE-2015-7995, CVE-2015-8035, CVE-2015-8242, CVE-2015-8659, CVE-2016-0801, CVE-2016-0802, CVE-2016-1717, CVE-2016-1719, CVE-2016-1720, CVE-2016-1721, CVE-2016-1722, CVE-2016-1723, CVE-2016-1724, CVE-2016-1725, CVE-2016-1726, CVE-2016-1727, CVE-2016-1740, CVE-2016-1748, CVE-2016-1750, CVE-2016-1751, CVE-2016-1752, CVE-2016-1753, CVE-2016-1754
MD5 | eaaa5fc23f4221ad8bf90fcf72ce06d1
Apple Security Advisory 2016-03-21-1
Posted Mar 22, 2016
Authored by Apple | Site apple.com

Apple Security Advisory 2016-03-21-1 - iOS 9.3 is now available and addresses code execution, memory corruption, and various other vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, ios
advisories | CVE-2015-1819, CVE-2015-5312, CVE-2015-7499, CVE-2015-7500, CVE-2015-7942, CVE-2015-8035, CVE-2015-8242, CVE-2015-8659, CVE-2016-0801, CVE-2016-0802, CVE-2016-1734, CVE-2016-1740, CVE-2016-1748, CVE-2016-1750, CVE-2016-1751, CVE-2016-1752, CVE-2016-1753, CVE-2016-1754, CVE-2016-1755, CVE-2016-1756, CVE-2016-1757, CVE-2016-1758, CVE-2016-1760, CVE-2016-1761, CVE-2016-1762, CVE-2016-1763, CVE-2016-1766, CVE-2016-1775
MD5 | 559ba3922fc3f4db59252d6094c03a23
Securimage 3.6.2 Cross Site Scripting
Posted Mar 22, 2016
Site redteam-pentesting.de

Securimage version 3.6.2 suffers from a cross site scripting vulnerability.

tags | exploit, xss
MD5 | a9cf246229fe151d0f8ed4ea27ee77cb
WordPress HB Audio Gallery Lite 1.0.0 Arbitrary File Download
Posted Mar 22, 2016
Authored by CrashBandicot

WordPress HB Audio Gallery Lite plugin version 1.0.0 suffers from an arbitrary file download vulnerability.

tags | exploit, arbitrary
MD5 | 6dfdd9b6296c9902dd024e8fa28e6111
Adobe Flash Wild Write Crash
Posted Mar 22, 2016
Authored by Chris Evans, Google Security Research

Adobe Flash suffers from a wild write at 0x453b0cf0 in color conversion that causes a crash.

tags | exploit
systems | linux
advisories | CVE-2015-5575
MD5 | 4fe5ff4936c2217816cb31ea4e1bed3f
Adobe Flash Content Information Leak
Posted Mar 22, 2016
Authored by Chris Evans, Google Security Research

Adobe Flash suffers from an information leak that may render non-deterministic content that apparently contains pointers.

tags | exploit
systems | linux
advisories | CVE-2015-5576
MD5 | 2619b990ef9018d089ba2ecd0f6c95fc
Adobe Flash AAC Audio Handling Out-Of-Bounds Read
Posted Mar 22, 2016
Authored by Chris Evans, Google Security Research

Adobe Flash suffers from an out-of-bounds read in AAC audio handling.

tags | exploit
systems | linux
advisories | CVE-2015-5577
MD5 | 306d5671231318b046a9d4adc763245a
Page 1 of 2
Back12Next

File Archive:

October 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    15 Files
  • 2
    Oct 2nd
    16 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    11 Files
  • 6
    Oct 6th
    6 Files
  • 7
    Oct 7th
    2 Files
  • 8
    Oct 8th
    1 Files
  • 9
    Oct 9th
    13 Files
  • 10
    Oct 10th
    16 Files
  • 11
    Oct 11th
    15 Files
  • 12
    Oct 12th
    23 Files
  • 13
    Oct 13th
    13 Files
  • 14
    Oct 14th
    12 Files
  • 15
    Oct 15th
    2 Files
  • 16
    Oct 16th
    16 Files
  • 17
    Oct 17th
    16 Files
  • 18
    Oct 18th
    15 Files
  • 19
    Oct 19th
    10 Files
  • 20
    Oct 20th
    7 Files
  • 21
    Oct 21st
    4 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close