Packet Storm Exploit 2013-0811-1 - Oracle Java storeImageArray() Invalid...
Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll. This exploit code demonstrates...
View ArticlePacket Storm Advisory 2013-0811-1 - Oracle Java storeImageArray()
Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll. This vulnerability allows for...
View ArticlePacket Storm Exploit 2013-0813-1 - Oracle Java...
The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of "dataOffsets[0]" boundary checks. This exploit...
View ArticlePacket Storm Advisory 2013-0813-1 - Oracle Java...
The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of "dataOffsets[0]" boundary checks. This...
View ArticleJava storeImageArray() Invalid Array Indexing
This Metasploit module abuses an Invalid Array Indexing Vulnerability on the static function storeImageArray() function in order to produce a memory corruption and finally escape the Java Sandbox. The...
View ArticlePacket Storm Advisory 2013-0819-2 - Adobe ColdFusion 9 Administrative Login...
Adobe ColdFusion versions 9.0, 9.0.1, and 9.0.2 do not properly check the "rdsPasswordAllowed" field when accessing the Administrator API CFC that is used for logging in. The login function never...
View ArticlePacket Storm Exploit 2013-0819-1 - Oracle Java BytePackedRaster.verify()...
The BytePackedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of "dataBitOffset" boundary checks. This exploit code...
View ArticlePacket Storm Advisory 2013-0819-1 - Oracle Java BytePackedRaster.verify()
The BytePackedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of "dataBitOffset" boundary checks. This vulnerability allows...
View ArticlePacket Storm Exploit 2013-0827-1 - Oracle Java ByteComponentRaster.verify()...
The ByteComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks. This exploit...
View ArticlePacket Storm Advisory 2013-0827-1 - Oracle Java ByteComponentRaster.verify()
The ByteComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks. This...
View ArticlePacket Storm Exploit 2013-0903-1 - Apple Safari Heap Buffer Overflow
A heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. The exploit for this vulnerability is javascript code which shows how to use it for...
View ArticlePacket Storm Advisory 2013-0903-1 - Apple Safari Heap Buffer Overflow
A heap memory buffer overflow vulnerability exists within the WebKit's JavaScriptCore JSArray::sort(...) method. This method accepts the user-defined JavaScript function and calls it from the native...
View ArticlePacket Storm Exploit 2013-0917-1 - Oracle Java ShortComponentRaster.verify()...
The ShortComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks when the...
View ArticlePacket Storm Advisory 2013-0917-1 - Oracle Java ShortComponentRaster.verify()
The ShortComponentRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a memory corruption vulnerability that allows bypassing of "dataOffsets[]" boundary checks when the...
View ArticlePacket Storm Exploit 2013-1022-1 - Microsoft Silverlight Invalid Typecast /...
This exploit leverages both invalid typecast and memory disclosure vulnerabilities in Microsoft Silverlight 5 in order to achieve code execution. This exploit code demonstrates remote code execution by...
View ArticlePacket Storm Advisory 2013-1022-1 - Microsoft Silverlight Invalid Typecast /...
Microsoft Silverlight 5 suffers from invalid typecast and memory disclosure vulnerabilities that, when leveraged together, allow for arbitrary code execution. A memory disclosure vulnerability exists...
View ArticleMicrosoft Internet Explorer COALineDashStyleArray Unsafe Memory Access
This Metasploit module exploits a vulnerability on Microsoft Silverlight. The vulnerability exists on the Initialize() method from System.Windows.Browser.ScriptObject, which access memory in an unsafe...
View ArticlePacket Storm Exploit 2014-1204-1 - Offset2lib: Bypassing Full ASLR On 64bit...
Proof of concept code that demonstrates an ASLR bypass of PIE compiled 64bit Linux.
View ArticlePacket Storm Advisory 2014-1204-1 - Offset2lib: Bypassing Full ASLR On 64bit...
The release of this advisory provides exploitation details in relation a weakness in the Linux ASLR implementation. The problem appears when the executable is PIE compiled and it has an address leak...
View Article