exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 51 RSS Feed

Files from Sean Larsson

First Active2006-12-15
Last Active2011-09-14
iDefense Security Advisory 09.13.11 - Excel Integer Signedness
Posted Sep 14, 2011
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 09.13.11 - Remote exploitation of an integer signedness vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability is an integer signedness issue that leads to an invalid array indexing vulnerability. It is triggered by a certain record with a negative 'iax' field.

tags | advisory, remote, arbitrary
advisories | CVE-2011-1987
SHA-256 | 97bc0394f99e9d978267b86461be984afd78303388de888ffd6878ef285734b5
iDEFENSE Security Advisory 2011-02-08.2
Posted Feb 9, 2011
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 02.08.11 - Remote exploitation of a memory corruption vulnerability in Adobe Systems Inc.'s Reader could allow an attacker to execute arbitrary code with the privileges of the current user. JPEG2000 (JP2K) is an image file format similar to JPEG. In addition to JPEG markers, JP2K files also provide "boxes" that define different image properties. JP2K is one of the image formats supported by Adobe Reader and Acrobat. The vulnerability occurs when parsing a JPEG2000 file embedded inside of a PDF file. Several different JP2K record types are involved in the vulnerability. It is possible to increment a buffer index beyond the allocated data, and store pointers to file data at that location. This can result in the corruption of heap structures and application data, which leads to the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in Adobe Reader and Acrobat versions 9.4 and 8.2.5. A full list of vulnerable Adobe products can be found in Adobe Security Bulletin APSB11-03.

tags | advisory, remote, arbitrary
advisories | CVE-2011-0602
SHA-256 | 9023fb241705e726e7f30ccce3136b242840184453dce8f68b6886351ba171bc
iDEFENSE Security Advisory 2010-08-03.1
Posted Aug 6, 2010
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 08.03.10 - Remote exploitation of a memory corruption vulnerability in Citrix Systems Inc.'s ICA Client could allow an attacker to execute arbitrary code with the privileges of the current user.

tags | advisory, remote, arbitrary
SHA-256 | 1768da12e479e45cc6ea17de1dba0a71ac403df7fd964f6721d635fd9bdc64ca
iDEFENSE Security Advisory 2010-03-09.4
Posted Mar 10, 2010
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 03.09.10 - Remote exploitation of a heap overflow vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when parsing an MDXTUPLE record inside of the Excel Workbook globals stream. This record is used to store metadata for external data connections in the workbook. The vulnerability occurs when a MDXTUPLE record is broken up into several records. This could allow an attacker to trigger a heap based buffer overflow by controlling both the allocation size of a heap buffer and the number of bytes copied into this buffer. iDefense has confirmed the existence of this vulnerability in Excel versions 2007 SP0, SP1, and SP2. Previous versions do not appear to be affected as they do not support parsing the record that triggers the vulnerability. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-017.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-0260
SHA-256 | 0ce96e514152fd2e39a14f6d90a2f11df679f07a29a783acaf69ad7b35b46079
iDEFENSE Security Advisory 2010-03-09.3
Posted Mar 10, 2010
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 03.09.10 - Remote exploitation of a heap overflow vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when parsing an MDXSET record inside of the Excel Workbook globals stream. This record is used to store metadata for external data connections in the workbook. The vulnerability occurs when a MDXSET record is broken up into several records. This could allow an attacker to trigger a heap based buffer overflow by controlling both the allocation size of a heap buffer and the number of bytes copied into this buffer. iDefense has confirmed the existence of this vulnerability in Excel versions 2007 SP0, SP1, and SP2. Previous versions do not appear to be affected as they do not support parsing the record that triggers the vulnerability. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-017.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-0261
SHA-256 | 77193ef3d20874264fedaa93e9df41c77a445408a2adbf53e0f52c7a05ed79da
iDEFENSE Security Advisory 2010-03-09.2
Posted Mar 10, 2010
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 03.09.10 - Remote exploitation of an uninitialized memory vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs due to Excel using a local function variable without properly initializing it. This error occurs when parsing several related records inside of an Excel worksheet. When Excel parses certain records in a particular order, a stack variable may not be initialized properly. If an attacker can control the area of memory used for this variable, then it is possible to execute arbitrary code on the targeted host. iDefense has confirmed the existence of this vulnerability in Excel versions 2003 SP3, 2007 SP0, SP1, and SP3 . Previous versions do not appear to be affected. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-017.

tags | advisory, remote, arbitrary, local
advisories | CVE-2010-0262
SHA-256 | afa32145630344b33f79a25b11bebbadfa235ce38636dab4c79747202fc7a5aa
iDEFENSE Security Advisory 2010-03-09.1
Posted Mar 10, 2010
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 03.09.10 - Remote exploitation of a type confusion vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability is a type confusion vulnerability that occurs when parsing several related Excel record types. In this case, the type confusion is due to multiple records containing fields that identify the type of an object shared between them. By controlling memory outside of the bounds of the allocated heap chunk, an attacker can control a C++ object pointer used in a virtual function call. This can result in an area of memory being treated as a different type of object than it actually is, resulting in access outside of the bounds of the allocated object. iDefense has confirmed the existence of this vulnerability in all currently supported versions of Excel (2007 SP1/SP2, 2003 SP3, XP SP3), and also the currently unsupported Excel 2000 SP3. A full list of vulnerable Microsoft products can be found in Microsoft Security Bulletin MS10-017.

tags | advisory, remote, arbitrary
advisories | CVE-2010-0258
SHA-256 | c520fac0cdcddff6b7b4da53bb2adfa8b2b1a95fa9ea34bc2f2783cc46550ee5
Microsoft Excel Malformed FEATHEADER Record Vulnerability
Posted Feb 15, 2010
Authored by Sean Larsson, jduck | Site metasploit.com

This Metasploit module exploits a vulnerability in the handling of the FEATHEADER record by Microsoft Excel. Revisions of Office XP and later prior to the release of the MS09-067 bulletin are vulnerable. When processing a FEATHEADER (Shared Feature) record, Microsoft used a data structure from the file to calculate a pointer offset without doing proper validation. Attacker supplied data is then used to calculate the location of an object, and in turn a virtual function call. This results in arbitrary code exection. NOTE: On some versions of Office, the user will need to dismiss a warning dialog prior to the payload executing.

tags | exploit, arbitrary
advisories | CVE-2009-3129
SHA-256 | 9b3639959e436c2af63dd333ef3f91333a796f538dda29fc89a0fd315c002e96
iDEFENSE Security Advisory 2010-02-09.3
Posted Feb 12, 2010
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 02.09.10 - Remote exploitation of an invalid array indexing vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when parsing an "OEPlaceholderAtom" record. This record type is used to create a placeholder for an object (picture, text, etc.) on a slide. By providing a value greater than the size of an array, it is possible to corrupt stack memory beyond the bounds of the array with a fixed value. By overwriting critical structures like the saved return address, it is possible to execute arbitrary code.

tags | advisory, remote, arbitrary
advisories | CVE-2010-0031
SHA-256 | d24ab20b5c6803e83455df245fd1d72cec4062ce382bd5942e5050ec5a1b7c50
iDEFENSE Security Advisory 2010-02-09.2
Posted Feb 12, 2010
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 02.09.10 - Remote exploitation of a use-after-free vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. This vulnerability occurs when parsing multiple "OEPlaceholderAtom" records present in a "msofbtClientData" container. This record type is used to create a placeholder for an object #picture, text, etc.# on a slide. When a certain series of these records are present, it is possible to trigger a use-after-free vulnerability, which can lead to the execution of arbitrary code.

tags | advisory, remote, arbitrary
advisories | CVE-2010-0032
SHA-256 | dbd9b1e1b4fe84087828c9ac7476d63ad752095f77c348da83b6f055470ebb87
iDEFENSE Security Advisory 2010-02-09.1
Posted Feb 12, 2010
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 02.09.10 - Remote exploitation of a heap-based buffer overflow vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs during the parsing of two related PowerPoint record types. The first record type, the "LinkedSlideAtom" record, is used to specify collaboration information for different slides. One of the fields in this record is used to specify the number of certain records that are present in the file. The code responsible for filling the array used to store the records does not perform any bounds checking when storing elements into the array. This results in a heap-based buffer overflow vulnerability.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2010-0030
SHA-256 | 0b18b14e0c9795855204e86c10b7b6ae28c39e0d8eb4143c1a19f92d340ad60c
iDEFENSE Security Advisory 2009-12-08.2
Posted Dec 10, 2009
Authored by iDefense Labs, Sean Larsson, Jun Mao | Site idefense.com

iDefense Security Advisory 12.08.09 - Remote exploitation of an integer overflow vulnerability in Microsoft Corp.'s WordPad could allow an attacker to execute arbitrary code with the privileges of the current user. iDefense has confirmed the existence of this vulnerability in WordPad version 5.1 for Windows XP SP3 and SP2. Other versions of Windows may also be affected. However, Vista and Server 2008 are not affected as they no longer contain the Word97 converter.

tags | advisory, remote, overflow, arbitrary
systems | windows
advisories | CVE-2009-2506
SHA-256 | 4a7ab1715bf7bf9f3e49fd7c137a769d655d1bc36bc533cc4eec0e9fb9cba6a6
iDEFENSE Security Advisory 2009-11-10.2
Posted Nov 17, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 11.10.09 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing a FEATHEADER record within an Excel file. This record is used to store information common to multiple other records, and was introduced with Excel 2002 (XP). When certain fields of this record are set to a trigger value, it is possible to corrupt memory in such a way that the next 4 bytes in the record are treated as an object pointer. This pointer is then used to make a virtual function call, which results in the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in Excel versions 2007, 2003, and XP. The record that causes the vulnerability is not supported by Excel 2000, so it is not affected by this vulnerability.

tags | advisory, remote, arbitrary
advisories | CVE-2009-3129
SHA-256 | 5f80963ddf2ce93ca1f29af19a4ef71104925c85a3890129ab19e9b97edbffb6
iDEFENSE Security Advisory 2009-08-11.1
Posted Aug 23, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 08.11.09 - Remote exploitation of a stack based buffer overflow vulnerability in Microsoft Corp.'s Office Web Components 2000 could allow an attacker to execute arbitrary code with the privileges of the logged on user. When instantiating a Spreadsheet object, it is possible to pass the object a parameter that refers to an Excel file that will be retrieved and then loaded. By using a long string for the parameter, it is possible to case a stack based buffer overflow. iDefense has confirmed the existence of this vulnerability in Microsoft Office XP Service Pack 3.

tags | advisory, remote, web, overflow, arbitrary
advisories | CVE-2009-1534
SHA-256 | 7e86dfe50c26093d7d93ca00213f5b882ccab246101ee1b9ba9aba393a3b05fa
iDEFENSE Security Advisory 2009-06-09.1
Posted Jun 11, 2009
Authored by iDefense Labs, Sean Larsson, Joshua J. Drake | Site idefense.com

iDefense Security Advisory 06.09.09 - Remote exploitation of an integer overflow vulnerability in Microsoft Corp.'s Excel could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing a Shared String Table (SST) record inside of an Excel file. This record is used to hold a table of strings that are used inside of the document. One of the fields in this record is a 32-bit integer that represents the number of unique strings in the table. This value is used to allocate an array of pointers to the strings contained inside of the table. When allocating this array, an integer overflow occurs in the calculation of its size. This leads to a heap based buffer overflow when the array is filled with pointers to strings from the file.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2009-0561
SHA-256 | 10b25a2ead8344835636ecbd2f58b22d735b49d76b8351d055defe853529e1ff
iDEFENSE Security Advisory 2009-05-12.9
Posted May 13, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of an integer overflow vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs during the parsing of two related PowerPoint record types. The first record type is used to specify collaboration information for different slides. One of the fields in this record contains a 32-bit integer that is used to specify the number of a specific type of records that are present in the file. This integer is used in a multiplication operation that calculates the size of a heap buffer that will be used to store the records as they are read in from the file. The calculation can overflow, resulting in an undersized heap buffer being allocated. By providing a large value for the record count, and inserting enough dummy records, it is possible to trigger a heap based buffer overflow. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3, 2002 XP SP3, 2003 SP2, and 2003 SP3.

tags | advisory, remote, overflow, arbitrary, vulnerability
advisories | CVE-2009-0221
SHA-256 | 84bba074996caa0939a7e44b41d9a7389b4b11a60328716bd8fa6f9a381fe0af
iDEFENSE Security Advisory 2009-05-12.8
Posted May 13, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of a heap corruption vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing the Notes container inside of the PowerPoint Document stream. This container is used to hold records related to notes that appear on the slides. By inserting a value into a container, it is possible to trigger a memory corruption vulnerability. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3, 2002 XP SP3, 2003 SP2, and 2003 SP3.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2009-1130
SHA-256 | 7f7588e5d20993d1557ddc70301247408570fff65a0c66bc08fa4e5e6d678106
iDEFENSE Security Advisory 2009-05-12.7
Posted May 13, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 05.12.09 - Remote exploitation of a memory corruption vulnerability in Microsoft Corp.'s PowerPoint could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs during the parsing of the BuildList record. This record is a container for other records that describe charts and diagrams in the PowerPoint file. By inserting multiple BuildList records with ChartBuild containers inside of them, it is possible to trigger a memory corruption vulnerability during the parsing of the ChartBuild container's contents. This allows an attacker to control an object pointer, which can lead to attacker supplied function pointers being dereferenced. iDefense has confirmed the existence of these vulnerabilities in PowerPoint 2000 SP3, 2002 XP SP3, 2003 SP2, 2003 SP3, 2007, 2007 SP1, and PowerPoint Viewer 2003.

tags | advisory, remote, arbitrary, vulnerability
advisories | CVE-2009-0224
SHA-256 | 98683674d53180aca6ec380be9c8a25a413aab69fa225531f66abadcfa0bd397
iDEFENSE Security Advisory 2009-04-14.2
Posted Apr 15, 2009
Authored by iDefense Labs, Sean Larsson, Jun Mao | Site idefense.com

iDefense Security Advisory 04.14.09 - Remote exploitation of a stack buffer overflow vulnerability in Microsoft Corp.'s WordPad could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing the content of a Word97 format file. When reading in the data, the code uses a 32-bit integer from the file to check a buffer length while using the lower 16-bit value to do the actual copy. This results in a stack buffer overflow. This stack buffer is overwritten with data from the file. iDefense has confirmed the existence of this vulnerability in Wordpad on Windows 2000 SP4. Windows XP SP3 is not affected. Vista and Server 2008 are not affected as they no longer contain the Word97 converter.

tags | advisory, remote, overflow, arbitrary
systems | windows
advisories | CVE-2009-0235
SHA-256 | 619400cb987192e72c2d05da51ff52e996d4d4c10414389a155b0889e87cb2bf
iDEFENSE Security Advisory 2009-03-25.1
Posted Mar 26, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 03.25.09 - Remote exploitation of an integer signedness vulnerability in Sun Microsystems Inc.'s Java JRE could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability exists within the font parsing code in the JRE. As part of its font API, the JRE provides the ability to load a font from a remote URL. iDefense has confirmed the existence of this vulnerability in Sun Microsystem Inc.'s Java JRE version 1.6.0_11 for Windows. Previous versions and versions for other platforms may also be affected.

tags | advisory, java, remote, arbitrary
systems | windows
SHA-256 | 3bc84907efc86fab9cc714244a3052994583300cd2f5c0cdbaf928ca680eb1b5
iDEFENSE Security Advisory 2009-03-24.1
Posted Mar 25, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 03.24.09 - Remote exploitation of a heap based buffer overflow vulnerability in Adobe Systems Inc.'s Reader and Acrobat could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing a JBIG2-encoded stream inside of a PDF file. JBIG2 is an image encoding format that is primarily used for encoding monochrome images such as faxes. Acrobat Reader and Acrobat Professional versions 7.1.0, 8.1.3, 9.0.0 and prior versions are vulnerable.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2009-0928
SHA-256 | e7cfd89da7bd450aec69dbd1d239966531bfa5c6db9726eb7db2cf3f804a3158
iDEFENSE Security Advisory 2009-01-12.3
Posted Jan 14, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 01.12.09 - Remote exploitation of an uninitialized memory vulnerability in Research In Motion Ltd.'s BlackBerry Enterprise Server could allow an attacker to execute arbitrary code with the privileges of the affected service, which is usually SYSTEM. The vulnerability occurs when parsing a data stream inside of a PDF file. Due to a logic error, it is possible to allocate an array of object pointers that is never initialized. This array is located on the heap. When the object that contains this array is destroyed, each pointer in the array is deleted. Since the memory is never properly initialized, whatever content was previously there is used. It is possible to control the chunk of memory that gets allocated for this array, which can lead to attacker-controlled values being used as object pointers. This results in the execution of arbitrary code when these pointers are deleted. iDefense has confirmed the existence of this vulnerability in BlackBerry Enterprise Server version 4.1.5 and 4.1.6 (4.1 SP5, SP6). 4.1.6 is the most current version, as of the publishing of this report. This vulnerability was confirmed in BlackBerry Enterprise Server for Microsoft Exchange, but is believed to affect the Lotus and Novell versions as well. Previous versions may also be affected.

tags | advisory, remote, arbitrary
SHA-256 | a32f982c4395b7c5889ee78df68e43c9f167aa38acbfef060b123138bc180740
iDEFENSE Security Advisory 2009-01-12.2
Posted Jan 14, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 01.12.09 - Remote exploitation of a heap overflow vulnerability in Research In Motion Ltd. (RIM)'s BlackBerry Enterprise Server could allow an attacker to execute arbitrary code with the privileges of the affected service, usually SYSTEM. The vulnerability occurs when parsing a data stream inside of a PDF file. During parsing, a dynamic array is filled up with pointers to certain objects without properly checking to see whether the array is large enough to hold all of the pointers. By inserting a large number of pointers, it is possible to overflow the array, and corrupt object pointers. This can lead to the EIP register being controlled, which results in the execution of arbitrary code. Defense has confirmed the existence of this vulnerability in BlackBerry Enterprise Server version 4.1.5 and 4.1.6 (4.1 SP5, SP6). 4.1.6 is the most current version, as of the publishing of this report. This vulnerability was confirmed in BlackBerry Enterprise Server for Microsoft Exchange, but is believed to affect the Lotus and Novell versions as well. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary
SHA-256 | dbe2aeee0bfa5c0e9f6834239449ed5ed6148298a9df75a7d58c36cf6bcd68b9
iDEFENSE Security Advisory 2009-01-12.1
Posted Jan 14, 2009
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 01.12.09 - Remote exploitation of a heap overflow vulnerability in Research In Motion Ltd. (RIM)'s BlackBerry Enterprise Server could allow an attacker to execute arbitrary code with the privileges of the affected service, usually SYSTEM. The vulnerability occurs when parsing a certain stream inside of a PDF file. During parsing, a heap buffer is filled up with without properly checking to see whether the buffer is large enough to hold the current value. By inserting a large number of values, it is possible to overflow the buffer, and corrupt object pointers. This can lead to pointers being controlled, which results in the execution of arbitrary code. iDefense has confirmed the existence of this vulnerability in BlackBerry Enterprise Server version 4.1.5 and 4.1.6 (4.1 SP5, SP6). 4.1.6 is the most current version, as of the publishing of this report. This vulnerability was confirmed in BlackBerry Enterprise Server for Microsoft Exchange, but is believed to affect the Lotus and Novell versions as well. Previous versions may also be affected.

tags | advisory, remote, overflow, arbitrary
SHA-256 | 088ad6b29c5080b1d10d96f654db6a53804b4e7c72ffc0fb13352281510e21ab
iDEFENSE Security Advisory 2008-12-02.1
Posted Dec 4, 2008
Authored by iDefense Labs, Sean Larsson | Site idefense.com

iDefense Security Advisory 12.02.08 - Remote exploitation of a heap overflow vulnerability in Sun Microsystems Inc.'s Java JRE could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability exists within the font parsing code in the JRE. Various types of fonts are supported, one of which is the TrueType format font. The vulnerability occurs when processing TrueType font files. During parsing, improper bounds checking is performed, which can lead to a heap based buffer overflow. iDefense has confirmed the existence of this vulnerability in Sun Microsystem Inc.'s Java JRE version 1.6.0_07 for Windows. Previous versions and versions for other platforms may also be affected.

tags | advisory, java, remote, overflow, arbitrary
systems | windows
SHA-256 | c281806ed9fa3e749351d077f4638d4f3bb9c48e4b82e1c2431bf89b0c70d7e6
Page 1 of 3
Back123Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close