New flash zero-day vulnerability

Discussion in 'other security issues & news' started by BoerenkoolMetWorst, Dec 7, 2011.

Thread Status:
Not open for further replies.
  1. BoerenkoolMetWorst

    BoerenkoolMetWorst Registered Member

    Joined:
    Dec 22, 2009
    Posts:
    3,771
    Location:
    Outer space
  2. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Topic exists ;) Suggest thread merge.
     
  3. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Siljaline - two different things. The topic you linked is an Acrobat exploit.
     
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    According to that site it should bypass the Chrome and IE9 sandboxes.
     
  5. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Apologies for the oversight, @ Hungry Man

    Carry on
     
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Easy mistake.

    I'm curious to see if this actually breaks the sandbox. I'm also wondering if it effects PPAPI.
     
  7. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    Yup, none of us are perfect. As to the topic, Rich will likely come around and have a look under the hood. Or you could send a PM.

    Regards,

     
    Last edited: Dec 7, 2011
  8. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Yeah I'm watching the video right now - didn't have a chance before.

    IT's been tested on IE8, IE7, multiple OS's (XP, 7, OSX) and I havne't gotten to the Chrome part yet.
     
  9. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    I tried to find the Actual exploit on there to DL & test, but couldn't find it ! Anyone know where it is Exactly ?

    TIA
     
  10. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    IT's through an exploit page, which I guess he hosts on his Linux VM and then connects to through IP on his Windows 7 VM.

    IDK if it's available.

    He also didn't show Chrome in the video - not that I doubt it. I just want to know if it was the PPAPI or not - probably not.
     
  11. CloneRanger

    CloneRanger Registered Member

    Joined:
    Jan 4, 2006
    Posts:
    4,833
    @ Hungry Man

    Ahh so it's just a local exploit test ! OK thanks.

    It sounded/read like it was available. If an exploit test www page were made available, then more of us could test it on different OS's browsers & configs etc :thumb: Wonder why it isn't, as it would help all round ?

    Also on here https://lists.immunityinc.com/pipermail/dailydave/2011-December/000402.html is this

    x.gif

    But there's no mention of it that i can see ?
     
  12. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Perhaps they just haven't published it yet.

    It wasn't a local exploit though - it was remote.

    In the video he has 1 VM to host it and then he opens his browser in the 2nd VM and goes to the exploit page (hosted by VM1 ) or... something.
     
  13. Dude111

    Dude111 Registered Member

    Joined:
    Sep 30, 2008
    Posts:
    212
    Do they have a POC for this? (Im DLing the vid now)
     
  14. siljaline

    siljaline Former Poster

    Joined:
    Jun 29, 2003
    Posts:
    6,619
    From H-online

    More
     
Loading...
Thread Status:
Not open for further replies.