8 matches found
Life After the Isolated Heap
Posted by Natalie Silvanovich, Mourner of Lost Exploits Over the past few months, Adobe has introduced a number of changes to the Flash Player heap with the goal of reducing the exploitability of certain types of vulnerabilities in Flash, especially use-after-frees. I wrote an exploit involving t...
End of Life for Internet Explorer 8, 9 and 10
Microsoft has started the year with an announcement that, effective Jan. 12, 2016, support for all older versions of Internet Explorer IE will come to an end known as an EoL, or End of Life. The affected versions are Internet Explorer 7, 8, 9, and 10. What this means for users is that Microsoft...
Zerodium Offers $100,000 for Flash Zero-Day Exploit that Bypasses Mitigations
A well-known company popular for buying and selling zero-day vulnerabilities is now offering up to $100,000 for providing a working zero-day exploit for bypassing the Flash Player's Heap Isolation mitigation. Few months back, Adobe deployed Heap Isolation in Flash version 18.0.0209 with an aim at...
BFS-SA-2015-001: Internet Explorer CTreeNode::GetCascadedLang Use-After-Free Vulnerability
Blue Frost Security GmbH https://www.bluefrostsecurity.de/ researchatbluefrostsecurity.de BFS-SA-2015-001 12-August-2015 Vendor: Microsoft, http://www.microsoft.com Affected Products: Internet Explorer Affected Version: IE 8-11 Vulnerability: CTreeNode::GetCascadedLang Use-After-Free Vulnerabilit...
Microsoft Internet Explorer 11 CTreeNode::GetCascadedLang Use-After-Free Exploit
Microsoft Internet Explorer 11 is prone to a use-after-free vulnerability in the MSHTML!CTreeNode::GetCascadedLang function. The following analysis was performed on Internet Explorer 11 on Windows 8.1 x64. If an attacker succeeds in bypassing the Memory Protector and Isolated Heap protection...
Microsoft Internet Explorer - CTreeNode::GetCascadedLang Use-After-Free (MS15-079)
Microsoft Internet Explorer - CTreeNode::GetCascadedLang Use-After-Free MS15-079 meta http-equiv="X-UA-Compatible" content="IE=10...
Microsoft Internet Explorer CTreeNode::GetCascadedLang Use-After-Free
Blue Frost Security GmbH https://www.bluefrostsecurity.de/ researchatbluefrostsecurity.de BFS-SA-2015-001 12-August-2015 Vendor: Microsoft, http://www.microsoft.com Affected Products: Internet Explorer Affected Version: IE 8-11 Vulnerability: CTreeNode::GetCascadedLang Use-After-Free Vulnerabilit...
Microsoft Internet Explorer - CTreeNode::GetCascadedLang Use-After-Free (MS15-079)
function Trigger fori=0;...