| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <EC5364DECBA9443286781714B06340C4@acros.si> Date: Tue, 24 May 2011 21:52:34 +0200 From: "ACROS Security Lists" <lists@...os.si> To: <bugtraq@...urityfocus.com>, <full-disclosure@...ts.grok.org.uk>, <cert@...t.org>, <si-cert@...es.si> Subject: The Anatomy of COM Server-Based Binary Planting Exploits Our new blog post describes in detail how the binary planting exploits we presented at Hack In The Box Amsterdam work. Watch a user on IE8/XP getting pwned by two single clicks on a web page, and a user on IE9/Win7 getting pwned by selecting an option from a context menu. http://blog.acrossecurity.com/2011/05/anatomy-of-com-server-based-binary.html or http://bit.ly/kWe3gw Last year we launched our Advanced binary planting research project aimed at exploring the exploitability of various binary planting bugs, and have since gathered a pile of interesting knowledge, some of which is finally ready to see the light of day. Enjoy the reading. Best regards, Mitja Kolsek CEO&CTO ACROS, d.o.o. Makedonska ulica 113 SI - 2000 Maribor, Slovenia tel: +386 2 3000 280 fax: +386 2 3000 282 web: http://www.acrossecurity.com ACROS Security: Finding Your Digital Vulnerabilities Before Others Do
Powered by blists - more mailing lists