what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 100 RSS Feed

Files

Microsoft Edge Charka JIT Incomplete Fix For Issue 1420 #2
Posted Apr 3, 2018
Authored by Google Security Research, lokihardt

A security fix applied for Microsoft Edge Chakra JIT is incomplete.

tags | exploit
advisories | CVE-2018-0934
SHA-256 | 7fa9ae7d44d240e41a8c31b515d60a4f1624eb25e026c49221e4151fba5ea6c4

Related Files

Adobe Flash Use-After-Free When Setting Variable
Posted Aug 20, 2015
Authored by Google Security Research, natashenka

In certain cases where a native AS2 class sets an internal variable, it can lead to a use-after-free if the variable is a SharedObject. While this example shows setting NetConnection.contentType, this applies to several other variables including many properties of the Sound and NetStream classes.

tags | exploit
systems | linux
advisories | CVE-2015-5134
SHA-256 | 988359360be0f5f9adf193f6cd3a04d83c07dd40e147fd6dcd237b7482c3bf8c
Flash Boundless Tunes Universal SOP Bypass Through ActionSctipt's Sound Object
Posted Aug 20, 2015
Authored by Google Security Research, ojakigamon

An instance of ActionScript's Sound class allows for loading and extracting for further processing any kind of external data, not only sound files. Same-origin policy doesn't apply here. Each input byte of raw data, loaded previously from given URL, is encoded by an unspecified function to the same 8 successive sample blocks of output. The sample block consists of 8 bytes (first 4 bytes for left channel and next 4 bytes for right channel). Only 2 bytes from 8 sound blocks (64 bytes) are crucial, the rest 52 bytes are useless. Each byte of input from range 0-255 has corresponding constant unsigned integer value (a result of encoding), so for decoding purposes you can use simply lookup table (cf. source code from BoundlessTunes.as).

tags | exploit
systems | linux
advisories | CVE-2015-5116
SHA-256 | fc4873a13244f4cbc031eca310103bf8bf2dd9f88a4c98659fde47aa2310d88d
NetConnection.connect Use-After-Free
Posted Aug 20, 2015
Authored by Google Security Research, natashenka

If the fpadInfo property of a NetConnection object is a SharedObject, a use-after-free occurs when the property is deleted.

tags | exploit
systems | linux
advisories | CVE-2015-3107
SHA-256 | b56d353e5eaa5e4528ff1ffb7dc841c80fd0d96e3e3d63729b195cd39ca14474
Flash Use-After-Free In Display List Handling Round 2
Posted Aug 20, 2015
Authored by Google Security Research, external

Three use-after-free proof of concept exploits for Flash.

tags | exploit, proof of concept
systems | linux
advisories | CVE-2015-3124
SHA-256 | 2e4eefce9ede8e949e02bc78fdf89f165e66883de32412b8f8591292e5d9a762
Flash AS2 Use After Free While Setting TextField.filters
Posted Aug 20, 2015
Authored by Google Security Research, external

A use-after-free bug exists while setting the TextFilter.filters array.

tags | exploit
systems | linux
advisories | CVE-2015-3118
SHA-256 | 31a6c05930a52b35dcd3d8092a6d0a8288bfbf9225bc353369358d98b9ab95b8
Adobe Flash Use-After-Free In Scale9Grid
Posted Aug 20, 2015
Authored by Google Security Research, natashenka

There is a use-after-free issue if the scale9Grid setting is called on an object with a member that then frees display item. This issue occurs for both MovieClips and Buttons, it needs to be fixed in both classes.

tags | exploit
systems | linux
SHA-256 | 80b4a9baafb714f2dd9d49514a0fc66cae5b4722cb091640d14ef74e3e9fafcc
Flash Out-Of-Bounds Read In UTF Conversion
Posted Aug 20, 2015
Authored by Google Security Research, hawkes

This is a OOB read vulnerability when processing the SCRIPTDATASTRING object in Flv file.

tags | exploit
systems | linux
advisories | CVE-2015-3134
SHA-256 | b7ac22badf51c7c646164605a8e31a6bc88e7bf96892a72cbd86c59704b16c46
Windows Kernel ATMFD.DLL Invalid Memory Access Due To Malformed CFF Table (ATMFD+0x3440b / ATMFD+0x3440e)
Posted Aug 19, 2015
Authored by Google Security Research, mjurczyk

Researchers have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupted OTF font files.

tags | exploit, kernel
systems | linux, windows
advisories | CVE-2015-2460
SHA-256 | f3c9bc75807a1970026b1a04826e0374c827b906a3593467dfd94e746404d46e
Windows Kernel ATMFD.DLL Write To Uninitialized Address Due To Malformed CFF Table
Posted Aug 19, 2015
Authored by Google Security Research, mjurczyk

Researchers have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupted OTF font files.

tags | exploit, kernel
systems | linux, windows
advisories | CVE-2015-2432
SHA-256 | 6e52ae3b34903df13fac42f16c8c4249f5713a3b28e9e618f11bd01a076bfda5
Adobe Flash XML.childNodes Use-After-Free
Posted Aug 19, 2015
Authored by Google Security Research, natashenka

If a watch is set on the childNodes object of an XML object, and then the XML object is manipulated in a way that causes its child nodes to be enumerated, the watch will trigger. If the function in the watch deletes all the child nodes, the buffer containing the nodes will be deleted, even though the original function will still access it when it unwinds. This can lead to a childnodes array in ActionScript containing pointers that can be specified by an attacker.

tags | exploit
systems | linux
advisories | CVE-2015-5540
SHA-256 | 1295da6dedc93d6a1fe5a27a6f5a706c9506fa2c29602370bf75f3ab7f7f7165
Windows Kernel ATMFD.DLL Out-Of-Bounds Read Due To Malformed Name INDEX In The CFF Table
Posted Aug 19, 2015
Authored by Google Security Research, mjurczyk

Researchers have encountered a number of Windows kernel crashes in the ATMFD.DLL OpenType driver while processing corrupted OTF font files.

tags | exploit, kernel
systems | linux, windows
advisories | CVE-2015-2461
SHA-256 | 6a8eb9549bb642753717c8d5defcb82e1195517e9f35e5373e1e62cfe755b503
Adobe Flash Use-After-Free In AttachMovie
Posted Aug 19, 2015
Authored by Google Security Research, natashenka

There is a use-after-free in attachMovie due to the initObject. If the initObject contains an object that calls a method that deletes the movie clip that is being attached, a use-after-free occurs.

tags | exploit
systems | linux
advisories | CVE-2015-5551
SHA-256 | 90bd26fa45bf4967bccd506cc65201e1553ca1b0810ffe60271cde208371b15b
Windows Kernel ATMFD.DLL Invalid Memory Access Due To Malformed CFF Table
Posted Aug 19, 2015
Authored by Google Security Research, mjurczyk

Researchers have encountered a Windows kernel crash in the ATMFD.DLL OpenType driver while processing a corrupted OTF font file.

tags | exploit, kernel
systems | linux, windows
advisories | CVE-2015-2459
SHA-256 | 86ad060ed6b0b92f73638bde724be9999e6d4cd36658f6ce0e727753ba8c5617
Adobe Flash Use-After-Free Pointer Storage
Posted Aug 19, 2015
Authored by Google Security Research, natashenka

There are use-after-frees related to storing a single pointer (this this pointer) in several MovieClip drawing methods, including beginFill, beginBitmapFill, beginGradientFill, linGradientStyle, lineTo, moveTo, curveTo and lineStyle.

tags | exploit
systems | linux
advisories | CVE-2015-3137
SHA-256 | eb82146aef2be66c90cc556f2ab77a11428236e2b722274ee758243d8ec6b0e3
EMC Isilon OneFS Privilege Escalation
Posted Mar 26, 2015
Site emc.com

EMC OneFS contains a security fix to address a privilege escalation vulnerability that may potentially be exploited by attackers to compromise the affected system. EMC Isilon OneFS versions 6.5.x.x, 7.0.1.x, 7.0.2.0 through 7.0.2.12, 7.1.0.0 through 7.1.0.5, 7.1.1.0 through 7.1.1.1, and 7.2.0.0 are affected.

tags | advisory
advisories | CVE-2015-0528
SHA-256 | 8532149045cfe63568349639fe7392f1d2ca3cdac10e41e16fc14dec2a17f047
EMC Documentum xMS Sensitive Information Disclosure
Posted Mar 23, 2015
Site emc.com

EMC Documentum xMS contains a security fix to address a sensitive information disclosure vulnerability where Windows Service user credentials may potentially be exposed in plaintext within batch files during provisioning of EMC Documentum Platform or xCelerated Composition Platform (xCP).

tags | advisory, info disclosure
systems | windows
advisories | CVE-2015-0527
SHA-256 | de1811d915ed6d6d148c73b5867e80d6616a3e8e6d683f6fdb8a1a4b1a78bd7c
EMC Captiva Capture Sensitive Information Disclosure
Posted Feb 6, 2015
Site emc.com

EMC Captiva Capture releases a security fix to address sensitive information disclosure vulnerability where password of a SQL user for the InputAccel (IA) database may potentially be logged in plaintext within the DAL log files after the InputAccel Database (IADB) installation. Versions 7.0 and 7.1 are affected.

tags | advisory, info disclosure
advisories | CVE-2015-0519
SHA-256 | 9c9819d594e47ef65f0e9771171a6a1915e74cbae99e6c1440655eb02228e934
EMC Documentum Digital Asset Manager Blind DQL Injection
Posted Jun 5, 2014
Site emc.com

EMC Documentum Digital Asset Manager (DAM) announces a security fix to address blind DQL (Documentum Query Language) injection vulnerability. The DAM thumbnail proxy server allows unauthenticated users to query objects using a vulnerable URL query string parameter. A malicious attacker can potentially conduct Blind DQL injection attacks using the vulnerable parameter to infer or modify the database contents. EMC Documentum Digital Asset Manager versions 6.5 SP3 through SP6 are affected.

tags | advisory
advisories | CVE-2014-2503
SHA-256 | 91095ede0e45fd5a70e325ef49ee1a0b47012f04bd0ecbd47837a21f92c3fdf2
RSA Adaptive Authentication Cross Site Scripting
Posted Jun 3, 2014
Site emc.com

RSA Adaptive Authentication (Hosted) contains a security fix for a DOM cross site scripting vulnerability that may potentially be exploited as a result of improper input validation in the rsa_fso.swf file. RSA Adaptive Authentication (Hosted) version 11.0 is affected.

tags | advisory, xss
advisories | CVE-2014-2502
SHA-256 | fb519bf1c5552b4299cf24beb800b4273768174db4ff04cd6cffb04d2131eb14
RSA NetWitness / Security Analytics Authentication Bypass
Posted May 13, 2014
Site emc.com

RSA NetWitness and RSA Security Analytics each contain a security fix for an authentication bypass vulnerability that could potentially be exploited to compromise the affected system. When PAM for Kerberos is enabled, an attacker can authenticate to the vulnerable system with a valid user name and without specifying a password. This issue does not affect other authentication methods. Affected include RSA NetWitness 9.8.5.17 or earlier, RSA Security Analytics 10.2.3 or earlier, and RSA Security Analytics 10.3.1 or earlier.

tags | advisory, bypass
advisories | CVE-2014-0643
SHA-256 | d3f0302f886f8021bdd615864411b0ed7d4b6997261f55f2e98ac35a06fcd19f
RSA Access Manager Sensitive Information Disclosure
Posted May 1, 2014
Site emc.com

RSA Access Manager contains a security fix for sensitive information disclosure vulnerability where user passwords are potentially logged in plaintext within the log files of the runtime WS component. By default, the logging level is now set to ERROR, which is not affected by this vulnerability. This vulnerability only applies when the logging level is changed to INFO.

tags | advisory, info disclosure
advisories | CVE-2014-0646
SHA-256 | f2a7153a1c94a23e52c5a56371f0d3425921f5f0969eb2d87c60695686969f9f
Struts 2.3.16.1 ClassLoader Manipulation
Posted Apr 24, 2014
Authored by Rene Gielen | Site struts.apache.org

In Struts 2.3.16.1, an issue with ClassLoader manipulation via request parameters was supposed to be resolved. Unfortunately, the correction wasn't sufficient. A security fix release fully addressing this issue is in preparation and will be released as soon as possible.

tags | advisory
SHA-256 | 1b02e3ee3cd52232d9bdeb795f9c25b15c8bffd44b3b7df846a5d3306f54c9ea
GS1.0.0.40OfficialRelease.rar
Posted Feb 23, 2008
Authored by cDc | Site goolag.org

Goolag Scanner version 1.0. This tool has been released by the Cult of the Dead Cow to automate Google hacking using 1,500 predefined search queries.

tags | tool, scanner
systems | unix
SHA-256 | 052f30701a3f98d4097362ef486c4e09cecdf65778832bd34781b2d744896d38
GS07-02.txt
Posted Oct 25, 2007
Authored by Fatih Ozavci, Caglar Cakici | Site gamasec.net

The RSA KEON Registration Authority Web Interface suffers from multiple cross site scripting vulnerabilities. Version 1.0 is susceptible.

tags | advisory, web, vulnerability, xss
SHA-256 | 26c310be669771da1384f9cf1a2df0bcb062948b01a68a3476d898341ac35511
GS07-01.txt
Posted May 17, 2007
Authored by Fatih Ozavci, Caglar Cakici | Site gamasec.net

Various HTTP content scanning systems fail to properly scan full-width/half-width Unicode encoded traffic. This may allow malicious content to bypass HTTP content scanning systems. Systems affected include Checkpoint Web Intelligence and IBM ISS Proventia Series systems.

tags | advisory, web
SHA-256 | ed7d99c4b0c8cf924026804e5a72dd264e34e794211f2f18d66d3c41fdd46077
Page 4 of 4
Back1234Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    3 Files
  • 8
    May 8th
    4 Files
  • 9
    May 9th
    54 Files
  • 10
    May 10th
    12 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    17 Files
  • 14
    May 14th
    11 Files
  • 15
    May 15th
    17 Files
  • 16
    May 16th
    13 Files
  • 17
    May 17th
    22 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    17 Files
  • 21
    May 21st
    18 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close