Exploit for Untrusted Pointer Dereference in Microsoft

ntoskrnl-metadata An IDA Python script for extracting critica...

CVE-2024-11403

CVE-2024-11403 involves an out-of-bounds read/write in LibJXL’s JPEG decoder used for recompression (JxlEncoderAddJPEGFrame) and also affects jpegli. The vulnerability arises when processing incomplete codes, allowing out-of-bounds writes and potentially causing reads of uninitialized memory or f...

Loncom packer: from backdoors to Cobalt Strike

The previous story described an unusual way of distributing malware under disguise of an update for an expired security certificate. After the story went out, we conducted a detailed analysis of the samples we had obtained, with some interesting findings. All of the malware we examined from the...

Apple OS X IOHDIXController Untrusted Pointer Dereference Privilege Escalation Vulnerability

This vulnerability allows local attackers to execute arbitrary code on vulnerable installations of Apple OS X. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists within the IOHDIXController interface. The issue lies...

Apple OS X IOGraphicsFamily Elevation of Privilege Vulnerability

Apple OS X is an operating system from Apple. Apple OS X suffers from an elevation of privilege vulnerability that stems from the failure of the IOGraphicsFamily interface to validate user-supplied function addresses before use, allowing a local attacker to exploit the vulnerability to elevate...

Windows Mobile 6.5 TR WinCE 5.2 MessageBox Shellcode ARM

Windows Mobile 6.5 TR WinCE 5.2 MessageBox Shellcode ARM. Shellcode exploit for windows platform / Device: HTC Touch2 System: Windows Mobile 6.5 TR WinCE 5.0.2 Addresses of functions can be different on different devices so , you can edit the functions addresses. Coded by Celil Ünüver from...