Herpaderping - Process Herpaderping Bypasses Security Products By Obscuring The Intentions Of A Process

Process Herpaderping is a method of obscuring the intentions of a process by modifying the content on disk after the image has been mapped. This results in curious behavior by security products and the OS itself. Summary Generally, a security product takes action on process creation by registerin...

VirtualBox: Windows Process DLL UNC Path Signature Bypass EoP(CVE-2017-10129)

VirtualBox: Windows Process DLL UNC Path Signature Bypass EoP Platform: VirtualBox v5.1.22 r115126 x64 Tested on Windows 10 Class: Elevation of Privilege Summary: The process hardening implemented by the VirtualBox driver can be circumvented to load arbitrary code inside a VirtualBox process givi...

VirtualBox 5.1.22 - Windows Process DLL UNC Path Signature Bypass Privilege Escalation

VirtualBox 5.1.22 - Windows Process DLL UNC Path Signature Bypass Privilege Escalation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1296 VirtualBox: Windows Process DLL UNC Path Signature Bypass EoP Platform: VirtualBox v5.1.22 r115126 x64 Tested on Windows 10 Class: Elevatio...

FrontPage 97/98 Server Image Mapper Buffer Overflow

No description provided by source. source: http://www.securityfocus.com/bid/1117/info The htimage.exe and imagemap.exe files included with FrontPage handle server-side image mapping functions. Under normal operations, it would be passed a map name and a set of coordinates in the format http:...

FrontPage 9798 - Server Image Mapper Buffer Overflow

FrontPage 9798 - Server Image Mapper Buffer Overflow source: https://www.securityfocus.com/bid/1117/info The htimage.exe and imagemap.exe files included with FrontPage handle server-side image mapping functions. Under normal operations, it would be passed a map name and a set of coordinates in th...