New flash zero-day vulnerability

Discussion in 'other security issues & news' started by BoerenkoolMetWorst, Dec 7, 2011.

Thread Status:
Not open for further replies.
  1. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    BoerenkoolMetWorst, Dec 7, 2011
    #1
  2. siljaline

    siljaline Registered Member

    Topic exists ;) Suggest thread merge.
     
    siljaline, Dec 7, 2011
    #2
  3. Hungry Man

    Hungry Man Registered Member

    Siljaline - two different things. The topic you linked is an Acrobat exploit.
     
    Hungry Man, Dec 7, 2011
    #3
  4. Hungry Man

    Hungry Man Registered Member

    According to that site it should bypass the Chrome and IE9 sandboxes.
     
    Hungry Man, Dec 7, 2011
    #4
  5. siljaline

    siljaline Registered Member

    Apologies for the oversight, @ Hungry Man

    Carry on
     
    siljaline, Dec 7, 2011
    #5
  6. Hungry Man

    Hungry Man Registered Member

    Easy mistake.

    I'm curious to see if this actually breaks the sandbox. I'm also wondering if it effects PPAPI.
     
    Hungry Man, Dec 7, 2011
    #6
  7. siljaline

    siljaline Registered Member

    Yup, none of us are perfect. As to the topic, Rich will likely come around and have a look under the hood. Or you could send a PM.

    Regards,

     
    Last edited: Dec 7, 2011
    siljaline, Dec 7, 2011
    #7
  8. Hungry Man

    Hungry Man Registered Member

    Yeah I'm watching the video right now - didn't have a chance before.

    IT's been tested on IE8, IE7, multiple OS's (XP, 7, OSX) and I havne't gotten to the Chrome part yet.
     
    Hungry Man, Dec 7, 2011
    #8
  9. CloneRanger

    CloneRanger Registered Member

    I tried to find the Actual exploit on there to DL & test, but couldn't find it ! Anyone know where it is Exactly ?

    TIA
     
    CloneRanger, Dec 7, 2011
    #9
  10. Hungry Man

    Hungry Man Registered Member

    IT's through an exploit page, which I guess he hosts on his Linux VM and then connects to through IP on his Windows 7 VM.

    IDK if it's available.

    He also didn't show Chrome in the video - not that I doubt it. I just want to know if it was the PPAPI or not - probably not.
     
    Hungry Man, Dec 7, 2011
    #10
  11. CloneRanger

    CloneRanger Registered Member

    @ Hungry Man

    Ahh so it's just a local exploit test ! OK thanks.

    It sounded/read like it was available. If an exploit test www page were made available, then more of us could test it on different OS's browsers & configs etc :thumb: Wonder why it isn't, as it would help all round ?

    Also on here https://lists.immunityinc.com/pipermail/dailydave/2011-December/000402.html is this

    x.gif

    But there's no mention of it that i can see ?
     
    CloneRanger, Dec 7, 2011
    #11
  12. Hungry Man

    Hungry Man Registered Member

    Perhaps they just haven't published it yet.

    It wasn't a local exploit though - it was remote.

    In the video he has 1 VM to host it and then he opens his browser in the 2nd VM and goes to the exploit page (hosted by VM1 ) or... something.
     
    Hungry Man, Dec 7, 2011
    #12
  13. Dude111

    Dude111 Registered Member

    Do they have a POC for this? (Im DLing the vid now)
     
    Dude111, Dec 9, 2011
    #13
  14. siljaline

    siljaline Registered Member

    From H-online

    More
     
    siljaline, Dec 9, 2011
    #14
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice