m$ - :: Deepquest ::

The BytePackedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of “dataBitOffset” boundary checks. This vulnerability allows for remote code execution. User interaction is required for this exploit in that the target must visit a malicious page or open a malicious file

Tags: facebook, javascript, Security

Packet Storm Exploit 2013-0819-1 – Oracle Java BytePackedRaster.verify() Signed Integer Overflow

Posted by deepcore under Apple, exploit, facebook, iphone, m$, OSX security tools, Privacy, Security, tools, twitter, XSS (No Respond)

The BytePackedRaster.verify() method in Oracle Java versions prior to 7u25 is vulnerable to a signed integer overflow that allows bypassing of “dataBitOffset” boundary checks. This exploit code demonstrates remote code execution by popping calc.exe

Tags: exploit, Security

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

[webapps] – Sitecom N300/N600 Devices – Multiple Vulnerabilities

[webapps] – Adobe ColdFusion 9 Administrative Login Bypass

[remote] – Oracle Java BytePackedRaster.verify() Signed Integer Overflow

[webapps] – Samsung DVR Firmware 1.10 – Authentication Bypass

[remote] – Graphite Web Unsafe Pickle Handling

[webapps] – Bitbot C2 Panel gate2.php – Multiple Vulnerabilities

[papers] – Win32-Worm:VBS/Jenxcus.A Malware Report

[remote] – freeFTPd 1.0.10 (PASS Command) – SEH Buffer Overflow

Packet Storm Advisory 2013-0819-1 – Oracle Java BytePackedRaster.verify()

Packet Storm Exploit 2013-0819-1 – Oracle Java BytePackedRaster.verify() Signed Integer Overflow

Tabs Switcher

Categories

Archives

Meta

BLOGROLL