Posts tagged Flash

11 min Exploits

Exploiting a 64-bit browser with Flash CVE-2015-5119 (Part 2)

This post is a continuation of Exploiting a 64-bit browser with Flash CVE-2015-5119 [/2015/07/31/supporting-a-64-bits-renderer-on-flash-cve-2015-5119] , where we explained how to achieve arbitrary memory read/write on a 64-bit IE renderer. As a reminder, we are targeting Windows 8.1 / IE11 (64 bits) with Flash Of course, this write-up may contain a few errors, so your mileage may vary =) Where we left off before, we had created an interface to work with memory by using a corrupted

3 min Exploits

Exploiting a 64-bit browser with Flash CVE-2015-5119

Some weeks ago, on More Flash Exploits in the Framework [/2015/06/30/more-on-flash-exploits-into-the-framework], we introduced the flash_exploiter library, which is used by Metasploit to quickly add new Flash exploit modules. If you read that blog entry, then you already know that flash_exploiter only supports 32-bit browsers (renderers). In this blog post, we will demonstrate initial steps in adding IE11 64-bit support to CVE-2015-5119 [] , which is o

2 min Microsoft

Patch Tuesday - September 2014

It's a light round of Microsoft Patching this month.  Only four advisories, of which only one is critical.  The sole critical issue this month is the expected Internet Explorer roll up affecting all supported (and likely some unsupported) versions.  This IE roll up addresses 36 privately disclosed Remote Code Execution issues and 1 publically disclosed Information Disclosure issue which is under limited attack in the wild. This will be the top patching priority for this month. Of the three no