[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
The Anatomy of COM Server-Based Binary Planting Exploits
- To: <bugtraq@xxxxxxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxxx>, <cert@xxxxxxxx>, <si-cert@xxxxxxxx>
- Subject: The Anatomy of COM Server-Based Binary Planting Exploits
- From: "ACROS Security Lists" <lists@xxxxxxxx>
- Date: Tue, 24 May 2011 21:52:34 +0200
Our new blog post describes in detail how the binary planting exploits we
presented
at Hack In The Box Amsterdam work. Watch a user on IE8/XP getting pwned by two
single
clicks on a web page, and a user on IE9/Win7 getting pwned by selecting an
option
from a context menu.
http://blog.acrossecurity.com/2011/05/anatomy-of-com-server-based-binary.html
or
http://bit.ly/kWe3gw
Last year we launched our Advanced binary planting research project aimed at
exploring the exploitability of various binary planting bugs, and have since
gathered
a pile of interesting knowledge, some of which is finally ready to see the
light of
day. Enjoy the reading.
Best regards,
Mitja Kolsek
CEO&CTO
ACROS, d.o.o.
Makedonska ulica 113
SI - 2000 Maribor, Slovenia
tel: +386 2 3000 280
fax: +386 2 3000 282
web: http://www.acrossecurity.com
ACROS Security: Finding Your Digital Vulnerabilities Before Others Do