Windows 0-day exploit CVE-2019-1458 used in Operation WizardOpium

In November 2019, Kaspersky technologies successfully detected a Google Chrome 0-day exploit that was used in Operation WizardOpium attacks. During our investigation, we discovered that yet another 0-day exploit was used in those attacks. The exploit for Google Chrome embeds a 0-day EoP exploit...

Dokany 1.2.0.1000 Buffer Overflow / Privilege Escalation

/ Exploit Title - Dokany Stack-based Buffer Overflow Privilege Escalation Date - 14th January 2019 Discovered by - Parvez Anwar @parvezghh Vendor Homepage - http://dokan-dev.github.io Tested Version - 1.2.0.1000 Driver Version - 1.2.0.1000 - dokan1.sys Software package -...

EPS Processing Zero-Days Exploited by Multiple Threat Actors

In 2015, FireEye published details about two attacks exploiting vulnerabilities in Encapsulated PostScript EPS of Microsoft Office. One was a zero-day and one was patched weeks before the attack launched. Recently, FireEye identified three new zero-day vulnerabilities in Microsoft Office products...

LCPlayer (.qt file) EOP change PoC (app crash)

No description provided by source. !/usr/bin/perl -w By DarkB0X HomePage : http://NullArea.Net contact : [email protected] after loading the file click on it in the program entry point will change and the app will crash my $file = "dark.qt" ; my $poc="http://"."A" x 0265487 ; openb0x,...