Microsoft - 'MSHTML.dll' CTIMEOUTEVENTLIST::INSERTINTOTIMEOUTLIST Memory Leak

mshtml.dll CTimeoutEventList::InsertIntoTimeoutList Timer ID Pointer leak - Rubén Santamarta www.reversemode.com var i = 1; // counter function LeakOrDie var t; t=setInterval"foo",2000; t-=i; document.getElementById'atun'.innerHTML = ' Pointer leaked: '+'0x'+t.toString16; i++; function foo return...

iDefense Security Advisory 08.12.08: Microsoft PowerPoint Viewer 2003 Cstring Integer Overflow Vulnerability

iDefense Security Advisory 08.12.08 http://labs.idefense.com/intelligence/vulnerabilities/ Aug 12, 2008 I. BACKGROUND Microsoft Corp.'s PowerPoint Viewer is a viewer for full-featured presentations created in PowerPoint 97 and later versions. PowerPoint Viewer 2003 is freely downloadable from...

Microsoft Windows XP SP2 - win32k.sys Local Privilege Escalation (MS08-025)

Microsoft Windows XP SP2 - win32k.sys Local Privilege Escalation MS08-025 // ms08-25-exploit 1 // This exploit takes advantage of one of the vulnerabilities // patched in the Microsoft Security bulletin MS08-25 // http://www.microsoft.com/technet/security/bulletin/ms08-025.mspx //...

Exploits Microsoft Windows NtRaiseHardError Csrss.exe-winsrv.dll Double Free

No description provided by source. ///////////////////////////////////////// ///////////////////////////////////////// ///// Microsoft Windows NtRaiseHardError ///// Csrss.exe-winsrv.dll Double Free ///////////////////////////////////////// ///// Ruben Santamarta ///// ruben at reversemode dot co...

Microsoft Windows - 'Csrss.exe/winsrv.dll' NtRaiseHardError Double-Free

///////////////////////////////////////// ///////////////////////////////////////// ///// Microsoft Windows NtRaiseHardError ///// Csrss.exe-winsrv.dll Double Free ///////////////////////////////////////// ///// Ruben Santamarta ///// ruben at reversemode dot com ///// www.reversemode.com...