52 matches found
UAF vulnerability description-vulnerability warning-the black bar safety net
UAF Use After Freevulnerability is a memory corruption vulnerability,usually present in the browser. Recently,the browser's new version Added a series of controls,which also makes use of these vulnerabilities becomes more difficult. Nevertheless,they still seem to exist. This article mainly will ...
Mail.ru: [api.login.icq.net] Reflected XSS
https://api.login.icq.net/auth/login?doSNSAuth=-1&f=qs&idType=OID&k=ao1-uaRbbNAqtYfG&succUrl=http://c.icq.com/webicq/iconuploader/1/redir.html&supportedIdType=SN"alertdocument.domaina="&doSNSAuth=0 Тонкость: обязательно открывать через HTTPS. Работает IE 8...
Adobe Flash Player Shader Buffer Overflow
This module exploits a buffer overflow vulnerability in Adobe Flash Player. The vulnerability occurs in the flash.Display.Shader class, when setting specially crafted data as its bytecode, as exploited in the wild in April 2014. This module has been tested successfully on the following operating...
CVE-2015-1754
Microsoft Internet Explorer 8 is affected by CVE-2015-1754, a remote memory-corruption vulnerability triggered by viewing a crafted webpage. The issue allows remote code execution or memory-related denial of service. Affected product range includes Internet Explorer versions 6–11, with IE8 specif...
Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free
This module exploits a use after free vulnerability in Adobe Flash Player. The vulnerability occurs in the ByteArray::UncompressViaZlibVariant method, when trying to uncompress a malformed byte stream. This module has been tested successfully on: Windows 7 SP1 32 bits, IE 8 to IE 11 and Flash...
Adobe Flash Player - NetConnection Type Confusion (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Adobe Flash Player NetConnection Type Confusion', 'Description' = %q This module exploits a type confusion vulnerability in the...
Adobe Flash Player domainMemory ByteArray Use After Free
This module exploits a use-after-free vulnerability in Adobe Flash Player. The vulnerability occurs when the ByteArray assigned to the current ApplicationDomain is freed from an ActionScript worker, when forcing a reallocation by copying more contents than the original capacity, but Flash forgets...
Adobe Flash Player domainMemory ByteArray Use After Free
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Adobe Flash Player domainMemory ByteArray Use After Free', 'Description' = %q This module exploits a use-after-free vulnerability in...
Microsoft Internet Explorer CVE-2015-1652 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Adobe Flash Player - ByteArray With Workers Use-After-Free (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Adobe Flash Player ByteArray With Workers Use After Free', 'Description' = %q This module exploits an use after free vulnerability i...
Adobe Flash Player ByteArray With Workers Use After Free
This module exploits a use-after-free vulnerability in Adobe Flash Player. The vulnerability occurs when the ByteArray assigned to the current ApplicationDomain is freed from an ActionScript worker, which can fill the memory and notify the main thread to corrupt the new contents. This module has...
Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free', 'Description' = %q This module exploits an use after free...
Adobe Flash Player - ByteArray UncompressViaZlibVariant Use-After-Free (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Adobe Flash Player ByteArray UncompressViaZlibVariant Use After Free', 'Description' = %q This module exploits an use after free...
CVE-2015-0100
CVE-2015-0100 refers to a memory-corruption vulnerability in Microsoft Internet Explorer 8 that could allow a remote attacker to execute arbitrary code or cause a denial of service by loading a crafted webpage. The description in multiple sources identifies IE8 as affected and describes memory co...
Microsoft Internet Explorer CVE-2015-0029 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
MS15-004 Microsoft Remote Desktop Services Web Proxy IE Sandbox Escape
This module abuses a process creation policy in Internet Explorer's sandbox; specifically, Microsoft's RemoteApp and Desktop Connections runtime proxy, TSWbPrxy.exe. This vulnerability allows the attacker to escape the Protected Mode and execute code with Medium Integrity. At the moment, this...
CVE-2014-4129
CVE-2014-4129 affects Microsoft Internet Explorer (notably IE8) and is described in connected sources as a remote memory-corruption vulnerability exploitable via a crafted web page. The underlying issue is memory corruption that could allow remote code execution or a denial of service when proces...
Microsoft Internet Explorer 'CAttrArray' Objects Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to view a specially crafted webpage. Attackers can exploit this issue to execute arbitrary code in the context of the currently logged-in...
Microsoft Internet Explorer CVE-2014-2774 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet Explorer ...
Microsoft Internet Explorer CVE-2014-2797 Remote Memory Corruption Vulnerability
Description Microsoft Internet Explorer is prone to a remote memory-corruption vulnerability. Successfully exploiting this issue may allow attackers to execute arbitrary code in the context of the application. Failed exploit attempts will result in denial-of-service conditions. Internet explorer...