<< Previous Next >>
analysis
Adobe Flash Player v10.3.181.34 and prior
Adobe Flash Player v10.3.185.25 and prior for Android
Adobe AIR version 2.7 and prior
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a code execution exploit
are available through the VUPEN Binary Analysis & Exploits Service :
Adobe Acrobat and Reader X (10.1) and prior
Adobe Acrobat and Reader 9.4.5 and prior
Adobe Acrobat and Reader 8.3 and prior
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a code execution exploit
are available through the VUPEN Binary Analysis & Exploits Service :
Adobe Acrobat and Reader X (10.1) and prior
Adobe Acrobat and Reader 9.4.5 and prior
Adobe Acrobat and Reader 8.3 and prior
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a proof-of-concept code
are available through the VUPEN Binary Analysis & Exploits Service :
Adobe Acrobat and Reader X (10.1) and prior
Adobe Acrobat and Reader 9.4.5 and prior
Adobe Acrobat and Reader 8.3 and prior
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a code execution exploit
are available through the VUPEN Binary Analysis & Exploits Service :
Adobe Acrobat and Reader X (10.1) and prior
Adobe Acrobat and Reader 9.4.5 and prior
Adobe Acrobat and Reader 8.3 and prior
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a proof-of-concept code
are available through the VUPEN Binary Analysis & Exploits Service :
Adobe Acrobat and Reader X (10.1) and prior
Adobe Acrobat and Reader 9.4.5 and prior
Adobe Acrobat and Reader 8.3 and prior
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a code execution exploit
are available through the VUPEN Binary Analysis & Exploits Service :
Adobe Acrobat and Reader X (10.1) and prior
Adobe Acrobat and Reader 9.4.5 and prior
Adobe Acrobat and Reader 8.3 and prior
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a code execution exploit
are available through the VUPEN Binary Analysis & Exploits Service :
Microsoft Office 2007 Service Pack 2
Microsoft Office 2003 Service Pack 3
Microsoft Office 2002 Service Pack 3
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a code execution exploit
are available through the VUPEN Binary Analysis & Exploits Service :
---------------------------
Novell GroupWise v8.0.2 (SP2) Hot Patch 2 (HP2) and prior
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a proof-of-concept code
are available through the VUPEN Binary Analysis & Exploits portal :
---------------------------
Novell GroupWise v8.0.2 (SP2) Hot Patch 2 (HP2) and prior
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a code execution exploit
are available through the VUPEN Binary Analysis & Exploits portal :
---------------------------
Novell GroupWise v8.0.2 (SP2) Hot Patch 2 (HP2) and prior
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a proof-of-concept code
are available through the VUPEN Binary Analysis & Exploits portal :
---------------------------
Novell GroupWise v8.0.2 (SP2) Hot Patch 2 (HP2) and prior
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a proof-of-concept code
are available through the VUPEN Binary Analysis & Exploits portal :
---------------------------
Google Chrome versions prior to 14.0.835.202
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a proof-of-concept code
are available through the VUPEN Binary Analysis & Exploits portal :
---------------------------
Google Chrome versions prior to 14.0.835.202
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a proof-of-concept code
are available through the VUPEN Binary Analysis & Exploits portal :
Microsoft Windows Vista x64 Edition Service Pack 2
Microsoft Windows Server 2008 for 32-bit Systems Service Pack 2
Microsoft Windows Server 2008 for x64-based Systems Service Pack 2
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a proof-of-concept code
are available through the VUPEN Binary Analysis & Exploits portal :
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 x64 Edition Service Pack 2
Microsoft Windows Server 2003 SP2 (Itanium)
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a code execution exploit
are available through the VUPEN Binary Analysis & Exploits portal :
Microsoft Windows 7 (32-bit) Service Pack 1
Microsoft Windows 7 (x64)
Microsoft Windows 7 (x64) Service Pack 1
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a proof-of-concept code
are available through the VUPEN Binary Analysis & Exploits portal :
---------------------------
Adobe Flash Player versions prior to 11.1.102.55
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a proof-of-concept code
are available through the VUPEN Binary Analysis & Exploits portal :
Microsoft Windows Server 2003 Service Pack 2
Microsoft Windows Server 2003 x64 Edition Service Pack 2
Microsoft Windows Server 2003 SP2 (Itanium)
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth binary analysis of the vulnerability and a code execution exploit
are available through the VUPEN Binary Analysis & Exploits portal :
Adobe Acrobat and Reader X (10.1.1) and prior
Adobe Acrobat and Reader 9.4.7 and prior
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth technical analysis of the vulnerability and a proof-of-concept
code are available through the VUPEN Binary Analysis & Exploits portal:
- Web application vulnerability research
- Application reverse engineering and related automated tools
- Database security & attacks
- Advanced Trojans, worms and backdoor technique
--- Intrusion detection/forensics analysis
- Traffic analysis
- Real-time data structure recovery
- File system analysis & recovery
- Intrusion detection and anti-detection technique
- Reverse engineering (malicious code analysis technique, vulnerability research)
---------------------------
Adobe Flash Player version 11.1.102.62 and prior
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth technical analysis of the vulnerability and a proof-of-concept
code are available through the VUPEN Binary Analysis & Exploits portal:
Microsoft Windows Server 2008 R2 for x64-based Systems Service Pack 1
Microsoft Windows Server 2008 R2 for Itanium-based Systems
Microsoft Windows Server 2008 R2 for Itanium-based Systems Service Pack 1
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth technical analysis of the vulnerability and a working exploit
are available through the VUPEN Binary Analysis & Exploits portal:
---------------------------
Adobe Flash Player versions prior to 11.2.202.228
IV. Binary Analysis & Exploits/PoCs
---------------------------------------
In-depth technical analysis of the vulnerability and a working exploit
are available through the VUPEN Binary Analysis & Exploits portal:
NOTE: Patch installation instructions are shown at the end of this table.
-------------------------------------------------
MS Patch - MS07-055 Vulnerability in Kodak Image Viewer Could Allow Remote Code Execution (923810)
Analysis - Possible security issue exists. Patch will run successfully.
Action - For SMA v2.1, customers should download patch from Microsoft and install.
-------------------------------------------------
MS Patch - MS07-056 Security Update for Outlook Express and Windows Mail (941202)
Analysis - Possible security issue exists. Patch will run successfully.
Action - For SMA v2.1, customers should download patch from Microsoft and install.
requests the exact version numbers of the AIM clients used, proof of
concept code and/or a description of how to reproduce the test.
*2007-09-14*: Email sent to AOL indicating that a second post with
additional information about the bug has been made by the third-party [2].
Core requests further details about this publicly disclosed bug and asks
AOL to provide the analysis that lead the AOL team to conclude that it is
of a different nature of those reported by Core. This email includes
detailed step-by-step instructions on how to bypass the server-side
filtering mechanism accompanied with the exact version number of the AIM
client used (6.1.41.2) and the sample code. Core's own analysis of current
publicly available information indicates that the bug is indeed of similar
requests the exact version numbers of the AIM clients used, proof of
concept code and/or a description of how to reproduce the test.
*2007-09-14*: Email sent to AOL indicating that a second post with
additional information about the bug has been made by the third-party [2].
Core requests further details about this publicly disclosed bug and asks
AOL to provide the analysis that lead the AOL team to conclude that it is
of a different nature of those reported by Core. This email includes
detailed step-by-step instructions on how to bypass the server-side
filtering mechanism accompanied with the exact version number of the AIM
client used (6.1.41.2) and the sample code. Core's own analysis of current
publicly available information indicates that the bug is indeed of similar
function 'FindMimeFromData' in 'URLMON.DLL'[5].
In the following section, proof of concept code is provided to
demonstrate the problem using the local storage used by Internet
Explorer to store the user's browsing history to deliver HTML with
scripting code and force IE to render it. This analysis is valid for any
Windows NT based operating system but should be slightly modified to run
under Windows Vista. It takes advantage of the following features:
1. The IE user's browsing history is compounded of different files
and folders. One of these files is named 'index.dat', and is usually
Microsoft Office Excel 2002 Service Pack 3
Microsoft Office XP Service Pack 3
IV. Exploits - PoCs & Binary Analysis
----------------------------------------
In-depth binary analysis of the vulnerability and a code exeution
exploit have been released by VUPEN through the VUPEN Binary Analysis
& Exploits Service :
# Apple / OS X security vulnerabilities
# SS7/Backbone telephony networks
# VoIP security
# Data Recovery, Forensics and Incident Response
# HSDPA / CDMA Security / WIMAX Security
# Network Protocol and Analysis
# Smart Card and Physical Security
# Virus and Worms
# WLAN, GPS, HAM Radio, Satellite, RFID and Bluetooth Security
# Analysis of malicious code
# Applications of cryptographic techniques
<<Previous Next>>
|
