Message-ID: <e2e992820910032032j3fdf2ecaiac628de251da740@mail.gmail.com>
Date: Sat, 3 Oct 2009 20:32:27 -0700
From: Freddie Vicious <fred.vicious@...il.com>
To: Berend-Jan Wever <berendjanwever@...il.com>,
full-disclosure@...ts.grok.org.uk
Subject: Re: Exploiting memory corruption vulnerabilities on Internet Explorer 8

Yeah, it's pretty obvious that there's one way or another to bypass DEP and
ASLR, but if you choose not to share it and don't have anything useful to say,
it'll be better not to say anything.

On Thu, Oct 1, 2009 at 12:55 PM, Berend-Jan Wever
<berendjanwever@...il.com> wrote:
> FYI: ASLR & DEP can be bypassed on x86, there's just nothing public at the
> moment.
>
> Cheers,
>
> SkyLined
>
> Berend-Jan Wever <berendjanwever@...il.com>
> http://skypher.com/SkyLined
>
>
>
>
> On Thu, Oct 1, 2009 at 6:44 PM, Freddie Vicious <fred.vicious@...il.com> wrote:
>
>> Yes, I am aware of the JVM and the Flash AVM heap spray techniques, no
>> DEP/ASLR there... But as you said, so far there's no known "catch-all"
>> technique against IE8.
>> Along with other security features (
>> http://blogs.msdn.com/architecture/archive/2009/08/13/internet-explorer-8-rated-tops-against-malware-and-phishing-attacks.aspx)
>> this basically means that IE8 is the most secure web browser nowadays?
>>
>> On Thu, Oct 1, 2009 at 8:27 AM, Jared DeMott <jared.demott@...ris.com> wrote:
>>
>>> I'm not aware of any catch-all technique just for IE8, though there are
>>> a few common ones like return oriented programming. Application
>>> specific techniques are also common when third party extensions are
>>> involved.
>>>
>>> --
>>> __________________________________________
>>> Jared D. DeMott
>>> Principal Security Researcher
>>>
>>>
>>
>>
>> --
>> Best wishes,
>> Freddie Vicious
>> http://twitter.com/viciousf
>>
>> _______________________________________________
>> Full-Disclosure - We believe in it.
>> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>> Hosted and sponsored by Secunia - http://secunia.com/
>>
>
>
--
Best wishes,
Freddie Vicious
http://twitter.com/viciousf