Packet Storm Exploit 2013-0819-1 – Oracle Java BytePackedRaster.verify() Signed Integer Overflow
The BytePackedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of "dataBitOffset" boundary checks. This exploit code demonstrates remote code execution by popping calc.exe
Packet Storm Advisory 2013-0813-1 – Oracle Java IntegerInterleavedRaster.verify()
The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of "dataOffsets[0]" boundary checks. This vulnerability allows for remote code execution
Packet Storm Exploit 2013-0813-1 – Oracle Java IntegerInterleavedRaster.verify() Signed Integer Overflow
The IntegerInterleavedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of "dataOffsets[0]" boundary checks. This exploit code demonstrates remote code execution by popping calc.exe. It was obtained through the Packet Storm Bug Bounty program.
Packet Storm Advisory 0811-1 – Oracle Java storeImageArray()
Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll. This vulnerability allows for remote code execution.
Oracle Java storeImageArray() Invalid Array Indexing Code Execution
Oracle Java versions prior to 7u25 suffer from an invalid array indexing vulnerability that exists within the native storeImageArray() function inside jre/bin/awt.dll.
Apple Quicktime 7 Invalid Atom Length Buffer Overflow
This Metasploit module exploits a vulnerability found in Apple Quicktime. The flaw is triggered when Quicktime fails to properly handle the data length for certain atoms such as 'rdrf' or 'dref' in the Alis record, which may result a buffer overflow by loading a specially crafted .mov file, and allows arbitrary code execution under the context of the user.
Apple Security Advisory 2013-07-02-1
Apple Security Advisory 2013-07-02-1 - Security Update 2013-003 is now available and addresses multiple arbitrary code execution vulnerabilities in QuickTime.
Apple Security Advisory 2013-06-18-1
Apple Security Advisory 2013-06-18-1 - Java for OS X 2013-004 and Mac OS X v10.6 Update 16 are now available and addresses multiple vulnerabilities that include arbitrary code execution issues.
Apple iOS Mobile Hotspots – Usability Versus Security
This is a whitepaper called Usability vs. Security: The Everlasting Trade-Off in the Context of Apple iOS Mobile Hotspots.
iOS App Hotspot Cracker
This application assists in generating an iOS hotspot cracking word list, which might be used in subsequent attacks on other hotspot users. The application also gives explanations and hints on how to crack a captured WPA2 handshake using well-known password crackers.