3 matches found
CVE-2021-3714
A flaw was found in the Linux kernels memory deduplication mechanism. Previous work has shown that memory deduplication can be attacked via a local exploitation mechanism. The same technique can be used if an attacker can upload page sized files and detect the change in access time from a network...
Java deserialization vulnerability the principles of the analysis-vulnerability warning-the black bar safety net
In the world there are three things most difficult: Put someone else's money stuffed into their own pockets Put their ideas put into someone else's head. To let own code run on someone else's server Foreword Java deserialization vulnerability is nearly a period of time has been focused on the...
ok.ru: Same-Origin Policy Bypass #2
Hi, This is really similar issue to my previous report 102234 - exploitation mechanism is really same but other swf file is vulnerable. All conditions are met: - st.mycdn.me domain which is in ok.ru crossdomain.xml - Security.allowDomain'' - possibility to execute own SWF code provided by URL...