[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CVE-2015-0061 and CVE-2015-0063 (MS16-009/MS16-011)

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: CVE-2015-0061 and CVE-2015-0063 (MS16-009/MS16-011)
From: Berend-Jan Wever <berendjanwever@xxxxxxxxx>
Date: Fri, 12 Feb 2016 10:13:58 +0100

Hello everyone,

I've recently released examples on twitter of how to trigger two
security vulnerabilities in Microsoft Internet Explorer. These issue
were discovered last year and reported to Microsoft through ZDI.
Microsoft release security updates to address these issues last Tuesday.

CVE-2016-0061:
https://twitter.com/berendjanwever/status/697819335574843394

CVE-2016-0063:
https://twitter.com/berendjanwever/status/697818121835581441

Both were found through fuzzing inspired by Michal Zalewski's cross_fuzz
http://lcamtuf.blogspot.nl/2011/01/announcing-crossfuzz-potential-0-day-in.html

Cheers,

SkyLined

Prev by Date: [slackware-security] mozilla-firefox (SSA:2016-042-01)
Next by Date: HD Video Player v2.5 iOS - Multiple Web Vulnerabilities
Previous by thread: [slackware-security] mozilla-firefox (SSA:2016-042-01)
Next by thread: HD Video Player v2.5 iOS - Multiple Web Vulnerabilities
Index(es):
- Date
- Thread