Analysis of a Heap Buffer-Overflow Vulnerability in Microsoft Windows Address Book By Eneko Cruz ElejaldeOverviewThis post analyzes a heap-buffer overflow in Microsoft Wi... 2021-08-05 21:26:46 | 阅读: 39 | 收藏 | blog.exodusintel.com wab windows security composite

Analysis of a Heap Buffer-Overflow Vulnerability in Adobe Acrobat Reader DC By Sergi MartinezThis post analyzes and exploits CVE-2021-21017, a heap buffer overflow repo... 2021-06-28 19:46:25 | 阅读: 263 | 收藏 | blog.exodusintel.com memory arraybuffer allocations dataview

Analysis of a use-after-free Vulnerability in Adobe Acrobat Reader DC By Sergi MartinezThis post analyses CVE-2020-9715, a use-after-free vulnerability affecting... 2021-04-21 02:11:55 | 阅读: 364 | 收藏 | blog.exodusintel.com esobject esstring arraybuffer dv memory

2021 Disclosure Policy March 17, 2021... 2021-03-18 01:16:48 | 阅读: 158 | 收藏 | blog.exodusintel.com informed whichever crowd exodusintel

Firefox Vulnerability Research Part 2 By Arthur Gerkis and David BarksdaleThis series of posts makes public some old Firefox rese... 2020-11-11 02:59:20 | 阅读: 146 | 收藏 | blog.exodusintel.com xul mozilla nsxpconnect privileged payload

Firefox Vulnerability Research By Arthur Gerkis and David BarksdaleThis series of posts makes public some old Firefox rese... 2020-10-21 01:54:01 | 阅读: 151 | 收藏 | blog.exodusintel.com cx mozilla 4d0f0000 funcindex

A EULOGY FOR PATCH-GAPPING CHROME Authors: István Kurucsai and Vignesh S RaoIn 2019 we looked at patch gapping Chrome on two... 2020-02-24 23:01:33 | 阅读: 111 | 收藏 | blog.exodusintel.com receiver jscreate proxy inferred

Patch-gapping Google Chrome Patch-gapping is the practice of exploiting vulnerabilities in open-source software that are al... 2019-09-09 17:57:00 | 阅读: 93 | 收藏 | blog.exodusintel.com fixedarray confusion transitions

Pwn2Own 2019: Microsoft Edge Sandbox Escape (CVE-2019-0938). Part 2 This is the second part of the blog post on the Microsoft Edge full-chain exploit. It provides... 2019-05-27 18:31:32 | 阅读: 116 | 收藏 | blog.exodusintel.com download 0000005d edgeiso 00007ffe emodel

Pwn2Own 2019: Microsoft Edge Renderer Exploitation (CVE-2019-0940). Part 1 This year Exodus Intelligence participated in the Pwn2Own competition in Vancouver. The chosen... 2019-05-20 01:41:23 | 阅读: 92 | 收藏 | blog.exodusintel.com 00000140 00007ffe edgehtml webcore typed

Windows Within Windows – Escaping The Chrome Sandbox With a Win32k NDay This post explores a recently patched Win32k vulnerability (CVE-2019-0808) that was used in the... 2019-05-17 23:53:05 | 阅读: 108 | 收藏 | blog.exodusintel.com windows chrome ppopupmenu tagwnd hwnd

A window of opportunity: exploiting a Chrome 1day vulnerability This post explores the possibility of developing a working exploit for a vulnerability already... 2019-04-03 18:38:42 | 阅读: 124 | 收藏 | blog.exodusintel.com turbofan memory contiguous

CVE-2019-5786: Analysis & Exploitation of the recently patched Chrome vulnerability This post provides detailed analysis and an exploit achieving remote code execution for the rec... 2019-03-21 00:27:01 | 阅读: 101 | 收藏 | blog.exodusintel.com arraybuffer chrome windows blink

Exploiting the Magellan bug on 64-bit Chrome Desktop Author: Ki Chan AhnIn December 2018, the Tencent Blade Team released an advisory for a bug the... 2019-01-23 14:59:01 | 阅读: 99 | 收藏 | blog.exodusintel.com preader stage chrome fts3 sqlite3

HPE Intelligent Management Center: a case study on the reliability of security fixes October 16, 2018... 2018-10-17 00:08:54 | 阅读: 107 | 收藏 | blog.exodusintel.com logmsg tftp brevity int8

To ../ or not to ../, that is the question September 13, 2018... 2018-09-14 01:28:41 | 阅读: 111 | 收藏 | blog.exodusintel.com ndr dcerpc startupinfo