Search results

  1. Exploiter

    Exploit Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow While Processing Malformed PDF

    Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow While Processing Malformed PDF We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- (36ec.3210): Access violation...
  2. Exploiter

    Exploit Adobe Acrobat Reader DC for Windows - Static Buffer Overflow due to Malformed Font Stream

    Adobe Acrobat Reader DC for Windows - Static Buffer Overflow due to Malformed Font Stream We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- (188c.47fc): Access violation - code...
  3. Exploiter

    Exploit Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed Font Stream

    Adobe Acrobat Reader DC for Windows - Heap-Based Buffer Overflow due to Malformed Font Stream We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- (50a8.4100): Access violation -...
  4. Exploiter

    Exploit Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in FixSbitSubTableFormat1

    Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in FixSbitSubTableFormat1 -----=====[ Background ]=====----- The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based...
  5. Exploiter

    Exploit Adobe Acrobat Reader DC for Windows - Heap-Based Out-of-Bounds read due to Malformed JP2 Stream

    Adobe Acrobat Reader DC for Windows - Heap-Based Out-of-Bounds read due to Malformed JP2 Stream We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- (180c.327c): Access violation...
  6. Exploiter

    Exploit Adobe Acrobat Reader DC for Windows - Use-After-Free due to Malformed JP2 Stream

    Adobe Acrobat Reader DC for Windows - Use-After-Free due to Malformed JP2 Stream We have observed the following access violation exception in the latest version of Adobe Acrobat Reader DC for Windows, when opening a malformed PDF file: --- cut --- (2040.5034): Access violation - code c0000005...
  7. Exploiter

    Exploit Microsoft Internet Explorer 11.1066.14393.0 - VBScript Arithmetic Functions Type Confusion

    Microsoft Internet Explorer 11.1066.14393.0 - VBScript Arithmetic Functions Type Confusion <!-- There is a type confusion issue related to how some arithmetic operations are performed in VBScript. To illustrate, see the following simplified code of VbsVarMod static unsigned char...
  8. Exploiter

    Exploit Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in WriteTableFromStructure

    Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in WriteTableFromStructure -----=====[ Background ]=====----- The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based...
  9. Exploiter

    Exploit Microsoft Windows Kernel - 'IOCTL 0x120007 NsiGetParameter' nsiproxy/netio Pool Memory Disclosure

    Microsoft Windows Kernel - 'IOCTL 0x120007 NsiGetParameter' nsiproxy/netio Pool Memory Disclosure /* We have discovered that the handler of the 0x120007 IOCTL in nsiproxy.sys (\\.\Nsi device) discloses portions of uninitialized pool memory to user-mode clients, likely due to output structure...
  10. Exploiter

    Exploit Microsoft Font Subsetting - DLL Heap Corruption in MakeFormat12MergedGlyphList

    Microsoft Font Subsetting - DLL Heap Corruption in MakeFormat12MergedGlyphList -----=====[ Background ]=====----- The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the...
  11. Exploiter

    Exploit Microsoft Font Subsetting - DLL Heap Corruption in ReadTableIntoStructure

    Microsoft Font Subsetting - DLL Heap Corruption in ReadTableIntoStructure -----=====[ Background ]=====----- The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific...
  12. Exploiter

    Exploit Microsoft Internet Explorer 11.0.9600.18617 - 'CMarkup::DestroySplayTree' Memory Corruption

    Microsoft Internet Explorer 11.0.9600.18617 - 'CMarkup::DestroySplayTree' Memory Corruption <!-- There is a memory corruption issue in IE that can be triggered with svg <use> element. The bug was confirmed on IE Version 11.0.9600.18617 (Update Version 11.0.40) running on Windows 7 64-bit. I...
  13. Exploiter

    Exploit Microsoft Font Subsetting - DLL Heap Corruption in ReadAllocFormat12CharGlyphMapList

    Microsoft Font Subsetting - DLL Heap Corruption in ReadAllocFormat12CharGlyphMapList -----=====[ Background ]=====----- The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on...
  14. Exploiter

    Exploit Sophos Web Appliance 4.3.0.2 - 'trafficType' Remote Command Injection (Metasploit)

    Sophos Web Appliance 4.3.0.2 - 'trafficType' Remote Command Injection (Metasploit) # Exploit Title: Sophos Web Appliance reporting JSON trafficType Remote Command Injection Vulnerability # Date: 01/28/2017 # Exploit Author: xort @ Critical Start # Vendor Homepage: www.sophos.com # Software...
  15. Exploiter

    Exploit Microsoft Font Subsetting - DLL Double Free in MergeFormat12Cmap / MakeFormat12MergedGlyphList

    Microsoft Font Subsetting - DLL Double Free in MergeFormat12Cmap / MakeFormat12MergedGlyphList -----=====[ Background ]=====----- The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions...
  16. Exploiter

    Exploit Microsoft Font Subsetting - DLL Heap Corruption in FixSbitSubTables

    Microsoft Font Subsetting - DLL Heap Corruption in FixSbitSubTables -----=====[ Background ]=====----- The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific...
  17. Exploiter

    Exploit How to exploit ETERNALROMANCE/SYNERGY on Windows Server 2016

    How to exploit ETERNALROMANCE/SYNERGY on Windows Server 2016 42329.pdf
  18. Exploiter

    Exploit Microsoft Font Subsetting - DLL Returning a Dangling Pointer via MergeFontPackage

    Microsoft Font Subsetting - DLL Returning a Dangling Pointer via MergeFontPackage -----=====[ Background ]=====----- The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the...
  19. Exploiter

    Exploit Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in GetGlyphIdx

    Microsoft Font Subsetting - DLL Heap-Based Out-of-Bounds read in GetGlyphIdx -----=====[ Background ]=====----- The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the...
  20. Exploiter

    Exploit Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities

    Microsoft Windows Text Services Framework MSCTF - Multiple Vulnerabilities The msctf subsystem is part of the Text Services Framework, The TSF manages things like input methods, keyboard layouts, text processing and so on. There are two main components, the ctfmon server and the msctf client...
  21. Exploiter

    Exploit Adobe Acrobat CoolType (AFDKO) - Memory Corruption in the Handling of Type 1 Font load/store Operators

    Adobe Acrobat CoolType (AFDKO) - Memory Corruption in the Handling of Type 1 Font load/store Operators -----=====[ Background ]=====----- AFDKO (Adobe Font Development Kit for OpenType) is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font...
  22. Exploiter

    Exploit Adobe Acrobat CoolType (AFDKO) - Call from Uninitialized Memory due to Empty FDArray in Type 1 Fonts

    Adobe Acrobat CoolType (AFDKO) - Call from Uninitialized Memory due to Empty FDArray in Type 1 Fonts -----=====[ Background ]=====----- AFDKO (Adobe Font Development Kit for OpenType) is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font...
  23. Exploiter

    Exploit Hidden Network: Detecting Hidden Networks created with USB Devices

    Hidden Network: Detecting Hidden Networks created with USB Devices 42318.pdf
  24. Exploiter

    Exploit Apache Struts 2.3.x Showcase - Remote Code Execution

    Apache Struts 2.3.x Showcase - Remote Code Execution #!/usr/bin/python # -*- coding: utf-8 -*- # Just a demo for CVE-2017-9791 import requests def exploit(url, cmd): print("[+] command: %s" % cmd) payload = "%{" payload += "(#[email protected]@DEFAULT_MEMBER_ACCESS)."...
  25. Exploiter

    Exploit NSKeyedUnarchiver - Info Leak in Decoding SGBigUTF8String

    NSKeyedUnarchiver - Info Leak in Decoding SGBigUTF8String There is an info leak when decoding the SGBigUTF8String class using [SGBigUTF8String initWithCoder:]. This class initializes the string using [SGBigUTF8String initWithUTF8DataNullTerminated:] even though there is no guarantee the bytes...