Смотрите также связанные темы
08.02.2018 MS13-005 (win32k.sys) exploit POC
MS13-005 (win32k.sys) The vulnerability could allow elevation of privilege if an attacker runs a specially crafted application. This security update is rated Important for all supported editions of Windows Vista, Windows Server 2008, Windows 7, Windows Server 2008 R2, Windows 8, Windows Server 2012, and Windows RT. For more information, see the subsection, Affected and Non-Affected Software, in this section. include <windows.h> #include <stdio.h> int main() { nbsp; STARTUPINFO si = {0}; nbsp; PROCESS_INFORMATION pi = {0}; nbsp; PC...
23.03.2018 CVE-2009-1046
The console selection feature in the Linux kernel 2.6.28 before 2.6.28.4, 2.6.25, and possibly earlier versions, when the UTF-8 console is used, allows physically proximate attackers to cause a denial of service (memory corruption) by selecting a small number of 3-byte UTF-8 characters, which triggers an "an off-by-two memory error." NOTE: it is not clear whether this issue crosses privilege boundaries.
26.02.2018 Linux Kernel 3.x Privilege Escalation Exploit
#include <unistd.h> #include <sys/socket.h> #include <linux/netlink.h> #include <netinet/tcp.h> #include <errno.h> #include <linux/if.h> #include <linux/filter.h> #include <string.h> #include <stdio.h> #include <stdlib.h> #...
12.06.2018 CVE-2012-0217
The User Mode Scheduler in the kernel in Microsoft Windows Server 2008 R2 and R2 SP1 and Windows 7 Gold and SP1 on the x64 platform does not properly handle system requests, which allows local users to gain privileges via a crafted application, aka "User Mode Scheduler Memory Corruption Vulnerability."
30.04.2018 Обход защиты от ROP в Windows 8
В Windows 8 было добавлено ряд нововведений, касающихся защиты от эксплоитов, включая защиту пользовательской кучи (userland heap) и кучи ядра (kernel heap), защиту от использования разыменований нулевого указателя в режиме ядра (kernel-mode) и защиту от неправильной эксплуатации таблиц указателей на виртуальные функции. Одно из нововведений связано с защитой от эксплоитов, использующих возвратно-ориентированное программирование (Return-oriented programming, ROP).
24.01.2018 CVE-2010-4255
The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when paravirtualization is enabled, does not verify that kernel mode is used to call the handle_gdt_ldt_mapping_fault function, which allows guest OS users to cause a denial of service (host OS BUG_ON) via a crafted memory access.
21.06.2018 Protecting Against Application-Specific Attacks
We’ve seen an evolution from mass-mailing viruses to more targeted attacks and threats targeting OS vulnerabilities moving to attacks against applications. We’ve seen growth in attacks targeting systems that contain valuable data, including mission-critical enterprise applications sitting in virtual environments, SAP solution-based environments and storage systems. Companies must take these threats seriously and look for [...]
18.10.2018 CVE-2015-5444
Multiple cross-site scripting (XSS) vulnerabilities in HP Smart Profile Server Data Analytics Layer (SPS DAL) 2.3 before 2.3.5 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
21.11.2018 CVE-2015-5787
The kernel in Apple iOS before 8.4.1 does not properly restrict debugging features, which allows attackers to bypass background-execution limitations via a crafted app.
31.01.2018 CVE-2016-1930
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 44.0 and Firefox ESR 38.x before 38.6 allow remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via unknown vectors.
|
