Spoofing

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly manage Keyboard Layout files, which allows local users to gain...

Microsoft Windows本地键盘布局处理权限提升漏洞(CVE-2012-0181)(MS12-034)

BUGTRAQ ID: 53326 CVE ID: CVE-2012-0181 Microsoft Windows是流行的计算机操作系统。 Windows内核模式驱动程序管理键盘布局文件的方式中存在一个特权提升漏洞。成功利用此漏洞的攻击者可以运行内核模式中的任意代码。攻击者随后可安装程序；查看、更改或删除数据；或者创建拥有完全管理权限的新帐户。 0 Microsoft Windows Windows XP Service Pack 3 0 Microsoft Windows Windows XP Professional x64 Ed Microsoft Windows Windows ...

CVE-2012-0181

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly manage Keyboard Layout files, which allows local users to gain...

K-Meleon Browser 1.5.4 Denial of Service

Exploit for windows platform in category dos / poc Title: ====== K-Meleon Browser v1.5.4 - Denial of Service Vulnerability Introduction: ============= K-Meleon is an extremely fast, customizable, lightweight web browser based on the Gecko layout engine developed by Mozilla which is also used by...

K-Meleon Browser v1.5.4 - Denial of Service Vulnerability

Document Title: =============== K-Meleon Browser v1.5.4 - Denial of Service Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=510 Release Date: ============= 2012-04-13 Vulnerability Laboratory ID VL-ID: ==================================== 5...

Разработка эксплоитов для Linux. Часть 4 – обход ASCII armor и возврат в plt

Автор: sickness Блог автора: Перевод: Gh0St 07.04.2012 Разработка эксплоитов для Linux. Часть 4 – обход ASCII armor и возврат в plt. ПРИМЕЧАНИЕ: Перед чтением данного документа, рекомендуется ознакомиться со следующими работами: Руководство по написанию эксплоитов для Linux. Часть I – переполнени...

Analyzing ASLR in Android Ice Cream Sandwich 4.0

When I first saw the release notes for the new Android Ice Cream Sandwich ICS platform, I was excited to see that Google mentioned that “Android 4.0 now provides address space layout randomization”. For the uninitiated, ASLR randomizes where various areas of memory eg. stack, heap, libs, etc are...

Critical: Red Hat Security Advisory: xulrunner security update

Updated xulrunner packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

Microsoft Internet Explorer 9 页面布局处理远程代码执行漏洞(MS12-010)

BUGTRAQ ID: 51933 CVE ID: CVE-2012-0011 Microsoft Internet Explorer是微软公司推出的一款网页浏览器。 Microsoft Internet Explorer在页面布局的处理上存在远程代码执行漏洞，攻击者可利用此漏洞执行任意代码，控制应用和计算机。 0 Microsoft Internet Explorer 9 厂商补丁： Microsoft --------- Microsoft已经为此发布了一个安全公告（MS12-010）以及相应补丁: MS12-010：Cumulative Security Update for...

CVE-2012-0154

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers...

Design/Logic Flaw

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers...

CVE-2012-0154

Use-after-free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, and Windows 7 Gold and SP1 allows local users to gain privileges via a crafted application that triggers...

Internet Explorer HtmlLayout Remote Code Execution (MS12-010; CVE-2012-0011)

A remote code execution vulnerability has been reported in Internet Explorer...

Microsoft Windows Kernel 'Win32k.sys' Keyboard Layout Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability. A local attacker can exploit this issue to execute arbitrary code with kernel-level privileges. Successful exploits will result in the complete compromise of affected computers. Failed exploit attempts may cause...

PT-2012-2354 · Microsoft · Windows Server 2003 +5

Name of the Vulnerable Software and Affected Versions: Microsoft Windows XP versions SP2 and SP3 Microsoft Windows Server 2003 version SP2 Microsoft Windows Vista version SP2 Microsoft Windows Server 2008 versions SP2, R2, and R2 SP1 Microsoft Windows 7 versions Gold and SP1 Description: The issu...

linux/x86 sys_execve("/sbin/sysctl") 121 bytes polymorphic shellcode

/ sysexecve"/sbin/sysctl", "/sbin/sysctl", "-w", "kernel.randomizevaspace=0" , NULL; 121 bytes polymorphic shellcode Programmer : Paulus Gandung Prakosa syn-attack Thanks to : mywisdom, gunslinger, nofia fitri, chaer.newbie, wenkhairu, ketek, xtr0nic, supermen ganteng, and all devilzc0de members ...

Mozilla Firefox v8.x - URL & SSL Spoofing Vulnerability

Document Title: =============== Mozilla Firefox v8.x - URL & SSL Spoofing Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=330 Release Date: ============= 2011-12-21 Vulnerability Laboratory ID VL-ID: ==================================== 330...

Mozilla Products Multiple Information Disclosure Vulnerabilities - MAC OS X

The host is installed with Mozilla firefox/seamonkey/thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsmultinfodiscvulnmacosx.nasl 7024 2017-08-30 11:51:43Z teissa $ Mozilla Products Multiple Information Disclosure Vulnerabilities - MAC OS X...

Mozilla Products Multiple Information Disclosure Vulnerabilities - (Windows)

The host is installed with Mozilla firefox/seamonkey/thunderbird and is prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbmozillaprdtsmultinfodiscvulnwin.nasl 7029 2017-08-31 11:51:40Z teissa $ Mozilla Products Multiple Information Disclosure Vulnerabilities - Windows Authors:...

CVE-2010-5074

The layout engine in Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 executes different code for visited and unvisited links during the processing of Cascading Style Sheets CSS token sequences, which makes it easier for remote attackers to obtain sensitive information...