[SECURITY] [DSA 3607-1] linux security update
Debian Security Advisory DSA-3607-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso June 28, 2016 https://www.debian.org/security/faq -...
Adobe Flash - JXR Processing Out-of-Bounds Read
Adobe Flash - JXR Processing Out-of-Bounds Read Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=791 There is an out-of-bounds read in JXR processing. This issue is probably not exploitable, but could be used as an information leak. To reproduce the issue, load the attached file '8...
Adobe Flash - MP4 File Stack Corruption
Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=760 The attached mp4 file causes stack corruption in flash. To load, put LoadMP42.swf on a server and load http://127.0.0.1/LoadMP42.swf?file=t.mp4. Proof of Concept:...
Mach Race OSX - Local Privilege Escalation
Source: https://github.com/gdbinit/machrace Mach Race OS X Local Privilege Escalation Exploit c fG! 2015, 2016, [email protected] - https://reverse.put.as A SUID, SIP, and binary entitlements universal OS X exploit CVE-2016-1757. Usage against a SUID binary: ./machraceserver /bin/ps compatmode for ...
Adobe Flash - Color.setTransform Use-After-Free
Exploit for multiple platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=451 If Color.setTransform is set to a transform that deletes the field it is called on, a UaF occurs. A PoC is as follows: var tf:TextField = this.createTextField("tf",1,1,1,4,4) va...
Google Android - 'ih264d_process_intra_mb' Memory Corruption
Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=523 The attached file causes a crash in ih264d_process_intra_mb in avc parsing, likely due to incorrect bounds checking in one of the memcpy or memset calls in the method. The file crashes with the following stack trace in M: 09-08...
Adobe Flash - Object.unwatch Use-After-Free
Sources: https://bugs.chromium.org/p/project-zero/issues/detail?id=716 https://googleprojectzero.blogspot.ca/2016/03/life-after-isolated-heap.html The bug is an uninitialized variable in the fix to an ActionScript 2 use-after-free bug. Roughly 80 of these types of issues have been fixed by Adobe ...
Apple Intel HD3000 Graphics kernel driver patch
While the iMessage crypto bug got most of the attention among this week’s Apple patches, another vulnerability that was addressed represents a nasty trend of privilege escalation flaws that merit watching. Researchers at Cisco on Wednesday disclosed details on a flaw in an OS X graphics kernel...
Comodo Chromodo Browser Disables Same-Origin Policy
Google researcher Tavis Ormandy has disclosed that the Chromodo browser installed with Comodo Internet Security disables the same-origin policy by default. The same-origin policy is a fundamental tenet of web security, ensuring that scripts access data from a second webpage only if the two pages...
FireEye Exploitation: Project Zero’s Vulnerability of the Beast
Posted by Tavis Ormandy, Chief Silver Bullet Skeptic. FireEye sell security appliances to enterprise and government customers. FireEye’s flagship products are monitoring devices designed to be installed at egress points of large networks, i.e. where traffic flows from the intranet to the internet...
Samsung Android 5.0 device WifiCredService remote code execution - vulnerability warning - the black bar safety net
The vulnerability was found a few months ago by Google Project Zero and the Quarkslab team and has only recently been disclosed. It only requires the user to browse a website or download a mail attachment, or it can be triggered by a third-party malicious program that has essentially no permissions c...
TrueCrypt vulnerability analysis: more secure than people think - vulnerability warning - the black bar safety net
TrueCrypt is the favorite data encryption tool of millions of security and privacy enthusiasts, but some vulnerabilities in it were recently disclosed. However, according to a security analysis report from the well-known Fraunhofer Information Security Technology Institute, it may still be more secure than...
Abusing wifiCredService on Samsung Android 5 devices leads to remote code execution - vulnerability warning - the black bar safety net
This article analyzes in detail a vulnerability in Samsung Android 5 devices that was recently disclosed through Google's vulnerability bounty program; the vulnerability was discovered by Google's Project Zero team together with Quarkslab. As far as we know, the vulnerability exists in all Samsung powered by...
Google exposes Android system vulnerabilities; Samsung has many security risks - vulnerability warning - the black bar safety net
According to the latest reports, for nearly a week the Google team has been trying to challenge "the Android security boundaries": they want to know whether they can, by certain means and without interacting with the user, remotely access the user's address book, photos and information; fi...
Samsung Galaxy S6 Edge Security Vulnerabilities
Google’s Nexus Android devices are considered the most secure by default since they’re guaranteed to receive all security patches for vulnerabilities found internally and those disclosed by third parties. Google’s Project Zero research team, however, decided to expand its reach and test the water...
Hack The Galaxy: Hunting Bugs in the Samsung Galaxy S6 Edge
Posted by Natalie Silvanovich, Planner of Bug Bashes Recently, Project Zero researched a popular Android phone, the Samsung Galaxy S6 Edge. We discovered and reported 11 high-impact security issues as a result. This post discusses our motivations behind the research, our approach in looking for...
Emergency Patch released for Latest Flash Zero-Day Vulnerability
Two days ago, The Hacker News (THN) reported about the Zero-day vulnerability in the freshly patched Adobe Flash Player. The vulnerability was exploited in the wild by a well-known group of Russian hackers, named "Pawn Storm," to target several foreign affairs ministries worldwide. The zero-day fla...
Emergency Adobe Flash Zero Day Patch Arrives Ahead of Schedule
Adobe has decided to patch the zero day vulnerability that was disclosed in Flash Player earlier this week today — instead of next week as originally scheduled. According to a security bulletin Adobe posted this morning the update actually fixes three vulnerabilities in the software, but the most...
Cisco AnyConnect Secure Mobility Client for Windows Privilege Escalation Vulnerability
A vulnerability in Cisco AnyConnect Secure Mobility Client for Windows could allow an authenticated, local attacker to execute an arbitrary executable file with privileges equivalent to the Microsoft Windows operating system SYSTEM account. The vulnerability is due to lack of checks in the code f...
Adobe Patches 23 Vulnerabilities in Flash Player
Adobe has released a Flash Player update that addresses 23 critical vulnerabilities in the software, many of which can lead to code execution. Version 18.0.0.231 and earlier of Flash Player for Windows and Mac, Microsoft Edge and Internet Explorer 11 in Windows 10, and Internet Explorer 10 and 11, a...