acrobat-reader-escape

Adobe Reader JS Sandbox Escape — POC Proof-of-concept for thr...

SUSE CVE-2012-0779

Adobe Flash Player before 10.3.183.19 and 11.x before 11.2.202.235 on Windows, Mac OS X, and Linux; before 11.1.111.9 on Android 2.x and 3.x; and before 11.1.115.8 on Android 4.x allows remote attackers to execute arbitrary code via a crafted file, related to an "object confusion vulnerability," ...

(Pwn2Own) Adobe Flash RTMP Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of RTMP...

Microsoft Office Word 2007 - RTF Object Confusion (ASLR and DEP Bypass) Exploit

Exploit for windows platform in category local exploits Title : Microsoft Office Word 2007 - RTF Object Confusion ASLR and DEP bypass Date : 28/02/2015 Author : R-73eN Software : Microsoft Office Word 2007 Tested : Windows 7 Starter import sys Windows Message Box / all versions . Thanks to Giusep...

Microsoft Word 2007 - RTF Object Confusion (ASLR + DEP Bypass)

Microsoft Word 2007 - RTF Object Confusion ASLR + DEP Bypass Title : Microsoft Office Word 2007 - RTF Object Confusion ASLR and DEP bypass Date : 28/02/2015 Author : R-73eN Software : Microsoft Office Word 2007 Tested : Windows 7 Starter import sys Windows Message Box / all versions . Thanks to...

Microsoft Word 2007 - RTF Object Confusion (ASLR + DEP Bypass)

Title : Microsoft Office Word 2007 - RTF Object Confusion ASLR and DEP bypass Date : 28/02/2015 Author : R-73eN Software : Microsoft Office Word 2007 Tested : Windows 7 Starter import sys Windows Message Box / all versions . Thanks to Giuseppe D'amore for the shellcode . shellcode =...

MS14-017 Microsoft Word RTF Object Confusion

No description provided by source. This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::FILEFORMAT def initializeinfo =...

CVE-2014-1764

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism by leveraging "object confusion" in a broker process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014...

Design/Logic Flaw

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism by leveraging "object confusion" in a broker process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014...

CVE-2014-1764

Microsoft Internet Explorer 7 through 11 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism by leveraging "object confusion" in a broker process, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014...

CVE-2014-1764

CVE-2014-1764 affects Microsoft Internet Explorer 7–11. The issue is an object confusion vulnerability in the data exchanged between the broker and sandboxed processes, allowing a sandboxed process to execute code in the broker context and bypass IE Protected Mode. This can lead to remote code ex...

MS14-017 Microsoft Word RTF Object Confusion Exploit

This Metasploit module creates a malicious RTF file that when opened in vulnerable versions of Microsoft Word will lead to code execution. The flaw exists in how a listoverridecount field can be modified to treat one structure as another. This bug was originally seen being exploited in the wild...

MS14-017 Microsoft Word RTF Object Confusion

This module creates a malicious RTF file that when opened in vulnerable versions of Microsoft Word will lead to code execution. The flaw exists in how a listoverridecount field can be modified to treat one structure as another. This bug was originally seen being exploited in the wild starting in...

VUPEN Security Research - Microsoft Internet Explorer 10-9 Object Confusion Sandbox Bypass (MS13-037 / Pwn2Own)

VUPEN Security Research - Microsoft Internet Explorer 10-9 Object Confusion Sandbox Bypass MS13-037 / Pwn2Own Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- "Microsoft Internet Explorer is a web browser developed by Microsoft and included as...

Flash Player <= 10.3.183.18 / 11.2.202.233 Object Confusion Vulnerability (APSB12-09)

Binary data 6801.prm...

VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion &#40;CVE-2013-2555&#41;

VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion Code Execution CVE-2013-2555 Website : http://www.vupen.com Twitter : http://twitter.com/vupen I. BACKGROUND --------------------- Adobe Flash Player is a cross-platform browser-based application runtime that...

Adobe Flash Player Object Confusion Code Execution

Added: 06/29/2012 CVE: CVE-2012-0779 BID: 53395 OSVDB: 81656 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem Adobe Flash Player 11.2.202.233 and earlier on Windows is vulnerable to an "object confusion" vulnerability. A remote...

Adobe Flash Player Object Confusion Code Execution

Added: 06/29/2012 CVE: CVE-2012-0779 BID: 53395 OSVDB: 81656 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem Adobe Flash Player 11.2.202.233 and earlier on Windows is vulnerable to an "object confusion" vulnerability. A remote...

Adobe Flash Player Object Confusion Code Execution

Added: 06/29/2012 CVE: CVE-2012-0779 BID: 53395 OSVDB: 81656 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem Adobe Flash Player 11.2.202.233 and earlier on Windows is vulnerable to an "object confusion" vulnerability. A remote...

Adobe Flash Player Object Confusion Code Execution

Added: 06/29/2012 CVE: CVE-2012-0779 BID: 53395 OSVDB: 81656 Background Adobe Flash Player is a cross-platform browser plug-in providing visual enhancements for web pages. Problem Adobe Flash Player 11.2.202.233 and earlier on Windows is vulnerable to an "object confusion" vulnerability. A remote...