by Julien Ahrens | Monday, November 19, 2012 | Exploit
Here’s a working exploit for an already disclosed bug – including SafeSEH Bypass – and for the actual version, which is still vulnerable. Sadly. #!/usr/bin/python # Exploit Title: Format Factory v3.0.1 Profile File Handling Buffer Overflow...
by Julien Ahrens | Friday, November 9, 2012 | Exploit
My last advisory IA42 “Zoner Photo Studio v15 Build3 (Zps.exe) Registry Value Parsing Local Buffer Overflow” looks like a general exploitable vulnerability, but it is quite interesting to exploit because there is a major memory protection in use: SafeSEH....
by Julien Ahrens | Sunday, September 23, 2012 | Exploit
First of all…thanks b33f from fuzzysecurity.com for your hint which helped a lot in solving the reliability issue of my last exploit 🙂 ! In my last article I wrote about a missing reliable way of executing shellcode. I received a mail from b33f about the...
by Julien Ahrens | Sunday, September 16, 2012 | Exploit
My latest finding: A classic buffer overflow. And this time I’ve used the great mona.py script created by the Corelan Team to exploit the vulnerability. It helps to find memory addresses for all of your stack adjustment needs (besides this, the script...
by Julien Ahrens | Monday, July 2, 2012 | Exploit
My latest finding: Photodex ProShow Producer v5.0.3256 Local Buffer Overflow Vulnerability. And…just a very, very, very quick and not reliable way of exploiting the vulnerability to execute some code. I’m working on a nicer (better) solution 🙂...
by Julien Ahrens | Wednesday, March 21, 2012 | Advisory, Exploit, RCE
This time I’ve found a more critical vulnerability with a CVSSv2 score of 7,5 coordinated by Secunia.com which has already been published on 2012-03-01, but due to a very unfortunate way of communication by Secunia, I haven’t been informed about the...