New flash zero-day vulnerability

Discussion in 'other security issues & news' started by BoerenkoolMetWorst, Dec 7, 2011.

Thread Status:
Not open for further replies.
  1. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    4,912
    Location:
    Outer space
  2. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,617
    Topic exists ;) Suggest thread merge.
     
  3. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Siljaline - two different things. The topic you linked is an Acrobat exploit.
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    According to that site it should bypass the Chrome and IE9 sandboxes.
     
  5. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,617
    Apologies for the oversight, @ Hungry Man

    Carry on
     
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Easy mistake.

    I'm curious to see if this actually breaks the sandbox. I'm also wondering if it effects PPAPI.
     
  7. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,617
    Yup, none of us are perfect. As to the topic, Rich will likely come around and have a look under the hood. Or you could send a PM.

    Regards,

     
    Last edited: Dec 7, 2011
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Yeah I'm watching the video right now - didn't have a chance before.

    IT's been tested on IE8, IE7, multiple OS's (XP, 7, OSX) and I havne't gotten to the Chrome part yet.
     
  9. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,978
    I tried to find the Actual exploit on there to DL & test, but couldn't find it ! Anyone know where it is Exactly ?

    TIA
     
  10. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    IT's through an exploit page, which I guess he hosts on his Linux VM and then connects to through IP on his Windows 7 VM.

    IDK if it's available.

    He also didn't show Chrome in the video - not that I doubt it. I just want to know if it was the PPAPI or not - probably not.
     
  11. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,978
    @ Hungry Man

    Ahh so it's just a local exploit test ! OK thanks.

    It sounded/read like it was available. If an exploit test www page were made available, then more of us could test it on different OS's browsers & configs etc :thumb: Wonder why it isn't, as it would help all round ?

    Also on here https://lists.immunityinc.com/pipermail/dailydave/2011-December/000402.html is this

    x.gif

    But there's no mention of it that i can see ?
     
  12. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,146
    Perhaps they just haven't published it yet.

    It wasn't a local exploit though - it was remote.

    In the video he has 1 VM to host it and then he opens his browser in the 2nd VM and goes to the exploit page (hosted by VM1 ) or... something.
     
  13. Dude111

    Dude111 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    212
    Do they have a POC for this? (Im DLing the vid now)
     
  14. siljaline

    siljaline Registered Member

    Joined:
    Jun 29, 2003
    Posts:
    6,617
    From H-online

    More
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.