Adobe ColdFusion arbitrary command execution flaws vulnerability 0day(CVE–2017–11283, CVE–2017–11284)early warning-vulnerability warning-the black bar safety net

Adobe ColdFusion in 2017 9 November 12 released a network security update in refer to the previous version, there is a serious deserialization flaws vulnerability bug（CVE-2017-11283, CVE-2017-11284, and may incur long-distance code to fulfill. When applying the Flex integration-do on Remote Adobe...

Struts2 new flaws vulnerability bug（S2-052 presents the use case, and face the vulnerability flaws of the enterprise-the race against time-vulnerability warning-the black bar safety net

Prior to the black bar safety net it S2-052）vulnerabilities done in a special thematic report, I believe we also have understand! Recently from the Cisco Talos experimental study of the analysis chamber and NVISO laboratory for the research staff also found that there was an attacker of real use ...

Described in the CTF game found Python deserialization BUG vulnerability flaws-vulnerability warning-the black bar safety net

In the first few days, I had the privilege to join the ToorConCTF（https://twitter.com/toorconctf in addition this event the process of my first time in Python in the invention the sequence of the flaws. In our competition process, there are two provocative touch to be able to perhaps receive the...