exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files from Code Audit Labs

First Active2007-07-31
Last Active2012-06-14
Opera 11.61 URL Spoof
Posted Jun 14, 2012
Authored by Code Audit Labs | Site vulnhunt.com

Code Audit Labs has discovered that Opera versions 11.61 and below suffer from a website spoofing vulnerability.

tags | advisory, spoof
advisories | CVE-2012-3560
SHA-256 | 50da669bf3824d6c802a70da8d221a4f3190ef60b1128133a28548f02da68d04
Microsoft Internet Explorer 8 / 9 Toolbar Code Execution
Posted Jun 14, 2012
Authored by Code Audit Labs | Site vulnhunt.com

Code Audit Labs has discovered that Microsoft Internet Explorer versions 8 and 9 suffer from a use-after-free vulnerability in the developer toolbar.

tags | advisory
advisories | CVE-2012-1874
SHA-256 | f7298e95d2549588ea1cd82324a1caedfe0a90734ffc624026081336553170f8
Microsoft Internet Explorer 8 Code Execution
Posted Jun 14, 2012
Authored by Code Audit Labs | Site vulnhunt.com

Code Audit Labs has discovered a remote code execution vulnerability in Microsoft Internet Explorer 8 due to a use-after-free issue having to do with property ids.

tags | advisory, remote, code execution
advisories | CVE-2012-1875
SHA-256 | d90822cc1fdf82eaf50e354edf2ba9269a59ae2ff8196eb2ba50bfbd36cfe29b
Adobe Photoshop TIF Buffer Overflow
Posted May 9, 2012
Authored by Code Audit Labs | Site vulnhunt.com

Adobe Photoshop EXTENDED versions CS5 12.0 and CS5.1 12.1 suffer from a TIF parsing heap buffer overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2012-2028
SHA-256 | 1c57d18bc8b121e5eec5591dd3db388f8274048b340a3437da7be973d0c7a7af
Adobe Shockwave Player Parsing block_cout Memory Corruption
Posted Feb 15, 2012
Authored by Code Audit Labs | Site vulnhunt.com

Adobe Shockwave Player versions 11.6.x.x suffer from a memory corruption vulnerability when parsing the field of KEY_ATOM of Director File.

tags | advisory
advisories | CVE-2012-0759
SHA-256 | af4574067944693d217e9b7ad5562a6fcb4b45eb39479343f7c42d4faa4f340b
Adobe Shockwave Player Parsing Heap Overflow
Posted Feb 15, 2012
Authored by Code Audit Labs | Site vulnhunt.com

Adobe Shockwave Player versions 11.6.x.x suffer from a parsing cupt atom heap overflow vulnerability.

tags | advisory, overflow
advisories | CVE-2012-0758
SHA-256 | 89f2974076f1ab581944249d3d66ef695b2f6a4ebb34ac4f04d4a2b08cf2e461
Opera 11.60 Array Integer Overflow
Posted Feb 3, 2012
Authored by Code Audit Labs | Site vulnhunt.com

Code Audit Labs has discovered an integer overflow vulnerability in array functions like Int32Array, Int16Array, etc in Opera versions 11.60 and below.

tags | exploit, overflow
SHA-256 | 5f2cdab0cad16a592541c73485c7b031f99c884d2a8fac52fc03b4527ba21f05
Adobe Shockwave Player Denial Of Service
Posted Nov 9, 2011
Authored by Code Audit Labs | Site vulnhunt.com

Code Audit Labs has discovered that Adobe Shockwave Player suffers from a director file parsing denial of service vulnerability.

tags | advisory, denial of service
advisories | CVE-2011-2448
SHA-256 | a6ce6c08710b2be298adcfee6425607f99829e28a0c0ff7cc5af4dcdc68dc795
Adobe Shockwave Player Memory Corruption
Posted Nov 9, 2011
Authored by Code Audit Labs | Site vulnhunt.com

Code Audit Labs has discovered that Adobe Shockwave Player suffers from a director file PAMM memory corruption vulnerability.

tags | advisory
advisories | CVE-2011-2446
SHA-256 | 8fa0331e11caebc74f418fca888a60b9a5de00d45ee773bf9557006f4fd13e66
Adobe Shockwave Player Director File Parsing RCSL Pointer Overwrite
Posted May 12, 2010
Authored by Code Audit Labs | Site vulnhunt.com

Code Audit Labs has discovered a vulnerability allows remote attackers to execute code on vulnerable installations of Adobe's Shockwave Player. User interaction is required in that a user must visit a malicious web site. The specific flaw exists when the Shockwave player attempts to load a specially crafted Adobe Director File. When a malicious value is used during a memory dereference a possible 4-byte memory overwrite may occur. Exploitation can lead to remote system compromise under the credentials of the currently logged in user.

tags | advisory, remote, web
advisories | CVE-2010-1280
SHA-256 | a0f77eecd2a1403c980cb9c466c4691d6c105d645ef19b2d595726c654d1d978
Adobe Shockwave Player Director File Parsing Integer Overflow
Posted May 12, 2010
Authored by Code Audit Labs | Site vulnhunt.com

Code Audit Labs has discovered a vulnerability allows remote attackers to execute code on vulnerable installations of Adobe's Shockwave Player. User interaction is required in that a user must visit a malicious web site. The specific flaw exists when the Shockwave player attempts to load a specially crafted Adobe Director File. When a malicious value is used extern to signed integer. Exploitation can lead to remote system compromise under the credentials of the currently logged in user.

tags | advisory, remote, web
advisories | CVE-2010-0129
SHA-256 | cf8e78b21a4eb4ac23bd52a6d488b0cc6e64d0a9c2ab1359260c09254c4e44f0
Adobe Shockwave Player Director File Parsing ATOM Size Infinite Loop
Posted May 12, 2010
Authored by Code Audit Labs | Site vulnhunt.com

Code Audit Labs has discovered a vulnerability on vulnerable installations of Adobe's Shockwave Player. User interaction is required in that a user must visit a malicious web site. The specific flaw exists when the Shockwave player attempts to load a specially crafted Adobe Director File. Exploitation can lead to remote system high cpu load (infinite loop).

tags | advisory, remote, web
advisories | CVE-2010-1282
SHA-256 | 0a144e4f9c1a09ee66a7a07dc51e8d46f392d77a7ee37b73e6d6eb2a5343baff
iDEFENSE Security Advisory 2010-01-12.1
Posted Jan 14, 2010
Authored by iDefense Labs, Code Audit Labs | Site idefense.com

iDefense Security Advisory 01.12.10 - Remote exploitation of a memory corruption vulnerability in multiple versions of Adobe Systems Inc.'s Reader and Acrobat PDF reader and processor could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when processing the Jp2c stream of a JpxDecode encoded data stream within a PDF file. During the processing of a JPC_MS_RGN marker, an integer sign extension may cause a bounds check to be bypassed. This results in an exploitable memory corruption vulnerability. iDefense has confirmed the existence of this vulnerability in latest version of Adobe Reader, at the time of testing, version 9.1.0. Previous versions may also be affected. Adobe has stated that all 9.2 and below versions, as well as all 8.1.7 and below versions are vulnerable.

tags | advisory, remote, arbitrary
advisories | CVE-2009-3955
SHA-256 | 139823d91661e5fccdd9d31846177997f1dc0fdf3d4259d9e33d6b309d80589c
iDEFENSE Security Advisory 2009-01-12.4
Posted Jan 14, 2009
Authored by iDefense Labs, Code Audit Labs | Site idefense.com

iDefense Security Advisory 01.12.09 - Local exploitation of an arbitrary file rewrite vulnerability in Oracle Corp.'s Oracle Database 10g Release 2 database product allows attackers to gain elevated privileges. The vulnerability exists in a function that allows a user with an authenticated session to create any file or rewrite any files to which the database account has access. iDefense has confirmed the existence of this vulnerability in Oracle Database 10g Release 2 version 10.2.0.3.0 on 32-bit Linux platform and Windows platform. Previous versions may also be affected. Oracle Database 11g Release 1 version 11.1.0.6.0 is not affected by this vulnerability.

tags | advisory, arbitrary, local
systems | linux, windows
advisories | CVE-2008-3997
SHA-256 | 610c95b870b142b03e112907707ba9657094278aaa69f7396c8de41722da6c51
iDEFENSE Security Advisory 2008-10-29.1
Posted Oct 31, 2008
Authored by iDefense Labs, Sebastian Apelt, Code Audit Labs | Site idefense.com

iDefense Security Advisory 10.29.08 - Remote exploitation of multiple integer overflow vulnerabilities in OpenOffice versions 2.4.1 and earlier could allow an attacker to execute arbitrary code with the privileges of the current user. Integer overflow issues exist within the code responsible for parsing multiple EMR records within an EMF file. This allows an attacker to overflow heap memory with data they supplied. iDefense has confirmed the existence of this vulnerability in OpenOffice version 2.4.1.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2008-2238
SHA-256 | fdb454b37d786a9ada30ce36452df4141a400dde4634b766ff1948e16de69370
iDEFENSE Security Advisory 2007-08-21.1
Posted Aug 22, 2007
Authored by iDefense Labs, Code Audit Labs, Jun Mao | Site idefense.com

iDefense Security Advisory 08.21.07 - Remote exploitation of multiple buffer overflow vulnerabilities in Trend Micro Inc.'s ServerProtect anti-virus software could allow attackers to execute arbitrary code with system level privilege. iDefense has confirmed the existence of these vulnerabilities in ServerProtect for Windows 5.58 Build 1176 (Security Patch 3). Previous versions, as well as versions for other platforms, are suspected to be vulnerable.

tags | advisory, remote, overflow, arbitrary, vulnerability, virus
systems | windows
advisories | CVE-2007-4218
SHA-256 | 7f1808fdb1f4124d8b15e150fb6b841b986420fed5f6e4237994682cf8784611
CAL-20070730-1.txt
Posted Jul 31, 2007
Authored by Code Audit Labs | Site vulnhunt.com

The BlueSkyCat ActiveX control suffers from a remote heap overflow vulnerability. Versions 8.1.2.0 and below of v2.ocx are affected.

tags | exploit, remote, overflow, activex
SHA-256 | c2cff68e757ac77cdbcf509659f36a4117f7c3ebe93b060cd54b2951c40818ff
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close