what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 17 of 17 RSS Feed

Files from Matthieu Bonetti

First Active2010-06-09
Last Active2012-10-25
Oracle Java Font Processing Glyph Element Memory Corruption
Posted Oct 25, 2012
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team has discovered a critical vulnerability in Oracle Java. Versions JRE / JDK 7u7 and below are affected. The vulnerability is caused by a memory corruption error within the "t2k.dll" component when processing certain glyph elements within a Font file, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.

tags | advisory, java, remote, web
SHA-256 | 66dc6819b2fe3e487c6074ac50782425eb1e8e4d69820a4cb144ef9adcd00ea1
Google Chrome WebKit Engine Child Tag Deletion Stale Pointer
Posted Oct 7, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Google Chrome. The vulnerability is caused by a stale pointer in the WebKit engine when deleting certain child tags in a specific order, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page. Google Chrome versions prior to 14.0.835.202 are affected.

tags | advisory, remote, web
SHA-256 | a76cbf6bdbee711ebfce8dc173c64df62c4636a89ebcd164f53aaf43db1e466f
Google Chrome WebKit Engine Ruby Tag Stale Pointer
Posted Oct 7, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a vulnerability in Google Chrome. The vulnerability is caused by a stale pointer in the WebKit engine when deleting a Ruby tag and its children in a specific order, which could be exploited by remote attackers to compromise a vulnerable system via a specially crafted web page.

tags | advisory, remote, web, ruby
SHA-256 | f155029aeaa8cd2c97b5f87a4c567067ee56940483899fa350ddc410ece08479
Oracle Java ICC Profile "scrn" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "scrn" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, overflow, arbitrary
SHA-256 | bd2b206e8cc01411d077ffd71f0fafae0c987444464bb20fda99e30bd818b823
Oracle Java ICC Profile "pseq" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "pseq" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, overflow, arbitrary
SHA-256 | 678973558fee6d7c54c5b90eec131c79bd3a0357dbfa4eb1520a4ec67f37cad6
Oracle Java ICC Profile "ncl2" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "ncl2" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, overflow, arbitrary
SHA-256 | e8f488754f08480d5e40ca95b2864ba0737678e88ade054dfd206889f6e07072
Oracle Java ICC Profile "mluc" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "mluc" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, overflow, arbitrary
SHA-256 | 672490db1b7e734d96fdac53de3b57b95abfd9ee95d4201e9143bb6ef215fe8b
Oracle Java ICC Profile "bfd" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer truncation error in the Color Management Module (CMM) when processing a malformed "bfd" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, arbitrary
SHA-256 | cf0e788d1c843e3352da1703694e7f2744be0104b724b21b9d4cf89d96e5290a
Oracle Java ICC Profile "clrt" Tag Integer Overflow
Posted Jun 10, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "clrt" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, java, web, overflow, arbitrary
SHA-256 | b9624b37a2d319db443cfde21d7b096739c7f479b3a17eae304af656f677d623
Apple Safari Text Nodes Remote Use-After-Free
Posted Apr 15, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when processing certain text nodes, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, remote, web, arbitrary
systems | apple
advisories | CVE-2011-1344
SHA-256 | 68273b636979cb1468a8090e5e58828a83e73978c0b22c05b24a4b9d3b8c295a
Apple Safari WebKit Block Dimensions Handling Integer Overflow
Posted Mar 15, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by an integer overflow error in the WebKit library when handling block dimensions, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.

tags | advisory, remote, web, overflow
systems | apple
SHA-256 | 9ea8e14eaede3a9009c52340df2c57af7b693d761077f23322ac3fb77375bf67
Apple Safari WebKit Scroll Event Handling Remote Use-After-Free
Posted Mar 14, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain scroll events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.

tags | advisory, remote, web
systems | apple
SHA-256 | 3eac3c011875096426021de4ca49199e1fcbfae351d58fd4ff58b13456d57a6c
Apple Safari WebKit Iframe Event Handling Remote Use-After-Free
Posted Mar 14, 2011
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain iframe events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.

tags | advisory, remote, web
systems | apple
SHA-256 | 80e96a9a3ad610f44e28f2afac84eacff444a571e1cc7649b9d31addcf586567
Apple Safari Selections Handling Use-after-free Vulnerability
Posted Nov 20, 2010
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free in WebKit when handling selections, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, remote, web, arbitrary
systems | apple
SHA-256 | 59a2dbc0e79185188370ba50e0cb520c033c1c8611fd52c2f5070d1669fbd119
Apple Safari Scrollbar Handling Use-after-free Vulnerability
Posted Nov 20, 2010
Authored by Matthieu Bonetti, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free in WebKit when handling scrollbars, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.

tags | advisory, remote, web, arbitrary
systems | apple
SHA-256 | 62a3912023e72f43282e67320e6e2a3dfbbe98a67a2ac48f5ce807614829c2e5
Google Chrome Focus Processing Memory Corruption
Posted Sep 3, 2010
Authored by Matthieu Bonetti | Site vupen.com

VUPEN Vulnerability Research Team discovered a high risk vulnerability affecting Google Chrome. The vulnerability is caused by a memory corruption error when processing focus events, which could be exploited by remote attackers to potentially execute arbitrary code by tricking a user into visiting a specially crafted web page. Google Chrome versions prior to 6.0.472.53 are affected.

tags | advisory, remote, web, arbitrary
SHA-256 | 2295a6c5a62a9aab8f0009db39e9958b989b89bb1f3c39a635c47d462c9c9bfe
Apple Safari WebKit HTML Button Use-After-Free
Posted Jun 9, 2010
Authored by Matthieu Bonetti | Site vupen.com

Apple Safari WebKit suffers from a HTML button use-after-free vulnerability.

tags | advisory
systems | apple
advisories | CVE-2010-1392
SHA-256 | f36dcd883ac6b8ae5841337712b2ab864df2d80bbd1ba2cf60dff0d5f9bd52b2
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close