1249 matches found
Schneider Electric Unity PRO Control Flow Management Vulnerability
OVERVIEW Avihay Kain and Mille Gandelsman of Indegy have identified a vulnerability in Schneider Electric Unity PRO Software product. Schneider Electric has released a security notification with instructions to mitigate this vulnerability. This vulnerability could be exploited remotely. AFFECTED...
Stable Channel Update for Desktop
The stable channel has been updated to 52.0.2743.116 for Windows, Mac, and Linux. This will roll out over the coming days/weeks. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictio...
Adobe Reader Out of Bounds Memory Access (APSB16-26: CVE-2016-4191)
This vulnerability is an instance of a memory corruption vulnerability. In particular, the vulnerability is caused by a crafted PDF file which causes an out of bounds memory access, which can trigger an access violation exception. Attackers can exploit the vulnerability by using the out of bounds...
Stable Channel Update
The stable channel has been updated to 51.0.2704.79 for Windows, Mac, and Linux. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library th...
Reverse Engineering Cross Platform Disassembler: Panopticon
Reverse Engineering Cross Platform Disassembler Panopticon is a disassembler that understands the semantics of opcodes. This way it’s able to help the user by discovering and displaying invariants that would have to be discovered “by hand” in traditional disassemblers. This allows an interactive...
Adobe Flash Out of Bounds Access Code Corruption (CVE-2016-4117)
An out of bounds access vulnerability has been reported in Adobe Flash Player. The vulnerability is due to a type-confused parameter in Adobe Flash Player SWF file. A remote attacker can exploit this issue by using the out of bounds access for unintended reads, writes or frees – potentially leadi...
Generic Android Deobfuscator: Simplify
Simplify uses a virtual machine to execute an app and understand what it does. Then, it applies optimizations to create code that behaves identically but is easier for a human to understand. It is a generic deobfuscator because it doesn’t need any special configuration or code for different types...
Internet Bug Bounty: Type confusion in partial.setstate, partial_repr, partial_call leads to memory corruption, reliable control flow hijack
See my official writeups here: http://bugs.python.org/issue25944 http://bugs.python.org/issue25945 The maintainers merged these bug reports. In one case, the type confusion leads to a reliable control of the instruction pointer as calling repr on a corrupted partial calls a function pointer that ...
Stable Channel Update
The stable channel has been updated to 48.0.2564.109 for Windows, Mac, and Linux. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with a fix. We will also retain restrictions if the bug exists in a third party library...
Stable Channel Update
The Chrome team is delighted to announce the promotion of Chrome 48 to the stable channel for Windows, Mac and Linux. Chrome 48.0.2564.82 contains a number of fixes and improvements -- a list of changes is available in the log. Watch out for upcoming Chrome and Chromium blog posts about new...
Stable Channel Update
The stable channel has been updated to 47.0.2526.80 for Windows, Mac, and Linux. This release contains an update to Adobe Flash Player 20.0.0.228 and security fixes. Security Fixes and Rewards Note: Access to bug details and links may be kept restricted until a majority of users are updated with ...
Exploit Writing and Exploit Mitigation
More and more white hats who practice offensive security and exploit writing are simultaneously talking about exploit mitigation. Granted, some are incentivized to do so by their employers or six-figure rewards programs, but the trend nonetheless is moving away from finding and fixing individual...
Control Flow Guard Mitigation Bypass
Introduced in Windows 8.1 Update 3 and Windows 10, Control Flow Guard was Microsoft’s latest antidote to memory-corruption attacks. The technology was meant to stand up to attacks that had long ago figured out how to bypass previous-generation protections such as Address Space Layout Randomizatio...
ZenPhoto 1.4.8 - Multiple Vulnerabilities
ZenPhoto version 1.4.8 suffers from cross site scripting, remote SQL injection, and path traversal vulnerabilities. Vulnerability: SQL Injection, Reflected XSS, Path Traversal Affected Software: ZenPhoto http://www.zenphoto.org/ Affected Version: 1.4.8 probably also prior versions Patched Version...
Static Analysis Tool: Bindead
The tool is based on the dynamic instrumentation framework PIN from Intel. Currently PIN is only working with the x86 architecture. Additionally, bintrace currently is limited to the Linux platform but will be ported to Windows when there is the need to. Actually, building for Windows might work...
EMET 5.2 is available (update)
Today, we’re releasing the Enhanced Mitigation Experience Toolkit EMET 5.2, which includes increased security protections to improve your security posture. You can download EMET 5.2 from microsoft.com/emet or directly from here. Following is the list of the main changes and improvements: Control...
JADX - Java source code from Android Dex and Apk files
Command line and GUI tools for produce Java source code from Android Dex and Apk files. Usage jadx-gui options .dex, .apk, .jar or .class options: -d, --output-dir - output directory -j, --threads-count - processing threads count -f, --fallback - make simple dump using goto instead of 'if', 'for'...
[ODA] Online Web Based Disassembler
ODA stands for Online DisAssembler. ODA is a general purpose machine code disassembler that supports a myriad of machine architectures. Built on the shoulders of libbfd and libopcodes part of binutils, ODA allows you to explore an executable by dissecting its sections, strings, symbols, raw hex,...
[APKinspector] Powerful GUI tool to analyze the Android applications
The goal of this project is to aide analysts and reverse engineers to visualize compiled Android packages and their corresponding DEX code. APKInspector provides both analysis functions and graphic features for the users to gain deep insight into the malicious apps: CFG Call Graph Static...
HITB2011KUL - Post Memory Corruption Analysis
Document Title: =============== HITB2011KUL - Post Memory Corruption Analysis References: =========== Download: http://www.vulnerability-lab.com/resources/videos/398.wmv View: http://www.youtube.com/watch?v=kOgarD9KCbg Release Date: ============= 2012-01-26 Vulnerability Laboratory ID VL-ID:...