29 matches found
Hunt-Sleeping-Beacons - Aims To Identify Sleeping Beacons
The idea of this project is to identify beacons which are unpacked at runtime or running in the context of another process. To do so, I make use of the observation that beacons tend to call Sleep between their callbacks. A call to sleep sets the state of the thread to DelayExecution which is take...
April 9, 2019—KB4493450 (Security-only update)
April 9, 2019—KB4493450 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Addresses an issue that may cause applications that use MSXML6 to stop responding if an exception was thrown during node operations. Addresses an issue that...
April 9, 2019—KB4493448 (Security-only update)
April 9, 2019—KB4493448 Security-only update Improvements and fixes This security update includes quality improvements. Key changes include: Provides protections against Spectre Variant 2 CVE-2017-5715 and Meltdown CVE-2017-5754 for VIA-based computers. These protections are enabled by default fo...
March 12, 2019—KB4489891 (Monthly Rollup)
March 12, 2019—KB4489891 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4487024 released February 19, 2019 and addresses the following issues: Addresses an issue that may prevent the Event Viewer from showing some event...
March 12, 2019—KB4489878 (Monthly Rollup)
March 12, 2019—KB4489878 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4486565 released February 19, 2019 and addresses the following issues: Addresses an issue that may prevent the Event Viewer from showing some event...
February 12, 2019—KB4486564 (Security-only update)
February 12, 2019—KB4486564 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue that may prevent applications that use a Microsoft Jet database...
February 12, 2019—KB4486993 (Security-only update)
February 12, 2019—KB4486993 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue that may prevent applications that use a Microsoft Jet database...
February 12, 2019—KB4487028 (Security-only update)
February 12, 2019—KB4487028 Security-only update Improvements and fixes This security update includes quality improvements. No new operating system features are being introduced in this update. Key changes include: Addresses an issue that may prevent applications that use a Microsoft Jet database...
February 12, 2019—KB4486563 (Monthly Rollup)
February 12, 2019—KB4486563 Monthly Rollup Improvements and fixes This security update includes improvements and fixes that were a part of update KB4480955 released January 17, 2019 and addresses the following issues: Addresses an issue that may prevent applications that use a Microsoft Jet...
January 8, 2019—KB4480963 (Monthly Rollup)
January 8, 2019—KB4480963 Monthly Rollup Improvements and fixes This security update addresses the following issues: Provides protections against an additional subclass of speculative execution side-channel vulnerability known as Speculative Store Bypass CVE-2018-3639 for AMD-based computers. The...
Bittorrent 7.10.0 (Build 43581) Installer DLL Hijacking
Exploit Title: Bittorrent 7.10.0 Build 43581 Installer DLL Search Order Hijack - "WININET.dll", "DNSAPI.dll", others Date of Discovery: July 21 2017 Exploit Author: Rithwik Jayasimha Author Homepage/Contact: https://thel3l.me Vendor Name: Bittorrent Inc. Vendor Homepage: https://www.bittorrent.co...
Microsoft Internet Explorer WININET.dll - CHttpHeaderParser::ParseStatusLine Out-of-Bounds Read
A specially crafted HTTP response can cause the CHttpHeaderParser::ParseStatusLine method in WININET to read data beyond the end of a buffer. The size of the read can be controlled through the HTTP response. An attacker that is able to get any application that uses WININET to make a request to a...
Microsoft WININET.dll - CHttpHeaderParser::ParseStatusLine Out-of-Bounds Read (MS16-104/MS16-105)
Microsoft WININET.dll - CHttpHeaderParser::ParseStatusLine Out-of-Bounds Read (MS16-104/MS16-105) Source: http://blog.skylined.nl/20161110001.html Synopsis A specially crafted HTTP response can cause the CHttpHeaderParser::ParseStatusLine method in WININET to read data beyond the end of ...
WININET CHttpHeaderParser::ParseStatusLine Out-Of-Bounds Read
Throughout November, I plan to release details on vulnerabilities I found in web-browsers which I've not released before. This is the eighth entry in that series, although this particular vulnerability does not just affect web-browsers, but all applications that use WININET to make HTTP requests...
Microsoft WININET.dll - 'CHttpHeaderParser::ParseStatusLine' Out-of-Bounds Read (MS16-104/MS16-105)
Source: http://blog.skylined.nl/20161110001.html Synopsis A specially crafted HTTP response can cause the CHttpHeaderParser::ParseStatusLine method in WININET to read data beyond the end of a buffer. The size of the read can be controlled through the HTTP response. An attacker that is abl...
BulletProof FTP Client 2010 - Buffer Overflow (DEP Bypass) Exploit
Exploit for Windows platform in category local exploits. Exploit Title: BulletProof FTP Client 2010 - Buffer Overflow SEH Date: Feb 15 2015 Exploit Author: Gabor Seljan Software Link: http://www.bpftp.com/ Version:...
eSignal 7.6 STREAMQUOTE Remote Buffer Overflow Exploit
No description provided by source. !/usr/bin/perl eSignal v7.6 remote exploit c VizibleSoft == http://viziblesoft.com/insect 25-mAR-2004 use IO::Socket; sub usage die"\nUsage: perl $0 host port\n"; print "\r\neSignal v7.6 remote exploit, c VizibleSoft.com\r\n"; my $ip = $ARGV0 || usage; my $port ...
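Internet Explorer WinINet.DLL FTP Server Response Memory Corruption Vulnerability (MS07-016)
Internet Explorer is a very popular web browser published by Microsoft. Internet Explorer has a memory corruption vulnerability when parsing reply lines from a remote FTP server. During an FTP session, the client asks the server to perform certain operations, and the server responds to the request with a numeric code, a human-readable message, or other information. Because a reply may contain multiple lines, the client code splits the reply into lines, appending a null byte (0x00) at the end of each line. If a line happens to end at the last character of the reply buffer, the terminating null byte is written outside the allocated space, overwriting one byte of the heap management structure. An attacker can corrupt the heap by sending a series of specially crafted replies to the client, leading to arbitrary code execution. Microsoft Internet Explorer...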
[Full-disclosure] iDefense Security Advisory 02.13.07: Microsoft 'wininet.dll' FTP Reply Null Termination Heap Corruption Vulnerability
Microsoft 'wininet.dll' FTP Reply Null Termination Heap Corruption Vulnerability iDefense Security Advisory 02.13.07 http://labs.idefense.com/intelligence/vulnerabilities/ Feb 13, 2007 I. BACKGROUND The WinInet module provides access to common Internet protocols, including FTP and HTTP, allowing ...
CVE-2007-0217
The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a buffer, which causes heap corruption...