CVE2018-8550Poc

这个漏洞属于com组件Unmarshal类型本地权限提升漏洞 复现环境 1. Windows 10 1709 32位操作系统 2. 需要安装声卡或操作系统自带虚拟声卡 3. 编译环境Visual Studio 2013 Poc 分析 原poc作者James Forshaw使用C实现,我一直未复现成功,不过通过原poc的代码我大致明白了漏洞的成因和触发方法,原poc环境是win10 1803...

CVE-2018-4990 Adobe Reader code execution exploit analysis-exploit warning-the black bar safety net

2018 5 on 15 September, ESET released the article“A tale of two zero-days”, the article disclosed this year 3 month ESET in malware scan engine VirusTotal on the capture of the one used to attack the test PDF document. The PDF document contains a sample of two pieces of 0-day Vulnerability,...

In-depth interpretation of the dirty cow Linux local to mention the right Vulnerability, CVE-2 0 1 6-5 1 9 5-the vulnerability warning-the black bar safety net

0x00 overview The vulnerability is Linux a local mention the right vulnerability, the Finder is Phil Oester, affecting=2.6.22 all the Linux kernel version, the repair time is 2 0 1 6 years 1 0 months 1 8 Number. The vulnerability of the reason is getuserpage the kernel function in the processing ...

Technical analysis: local SWF files can be any local file leaked to the Internet-vulnerability warning-the black bar safety net

Flash file in design time it allows local swf files to read arbitrary local files. Flash Player version is not higher than 7, the local SWF files with other SWF file is interactive and can be accessed from any remote or local location of the loaded data. Principles In Flash Player 8 and later, SW...

About SSV-ID: 4 4 7 4 POC analysis and reflection-vulnerability warning-the black bar safety net

SSV-ID: 4 4 7 4 SSV-AppDir: Discuz! Vulnerability Published: 2008-11-21 GMT+0 8 0 0 URL: http://sebug.net/vuldb/ssvid-4474 A very old vulnerability, just as the study of penetration of a material of the bale, with its poc, the direct can be used, it feel so magical at the same time want to analyz...