[Spanish] Software Exploitation
>> TAG: #exploit
[Spanish] Software Exploitation
Jira Scriptrunner 2.0.7
Zoner Photo Studio v15 Build 3 (Zps.exe) Registry Value Parsing Exploit
Apple Security Advisory 2012-11-07-1 – QuickTime version 7.7.3 is now available and addresses multiple buffer overflows, memory corruption, and use after free vulnerabilities.
BigAnt Server 2.52 SP5 SEH Stack Overflow ROP-based exploit (ASLR + DEP bypass)
Secunia Security Advisory – Two vulnerabilities have been reported in Apple Safari, which can be exploited by malicious people to compromise a user’s system.
Apple Security Advisory 2012-11-01-2 – Safari 6.0.2 is now available and addresses multiple arbitrary code execution vulnerabilities.
Apple QuickTime Player version 7.7.2 division by zero crash proof of concept exploit.
DropBox version 1.4.6 on iOS, 2.0.1 on Android, and Google Drive version 1.0.1 on iOS suffer from a file theft vulnerability due to allowing arbitrary javascript to be executed inside of the privileged file zone.
Whitepaper : Exploiting Transparent User Identification