WebEx Browser Extension Remote Code Execution Vulnerability

Introduction: Cisco WebEx provides on-demand online meeting, web conferencing and videoconferencing applications. It has millions of users across the globe. Recently, a remote code execution vulnerability, CVE-2017-3823, was discovered by the Google Project Zero team. The bug was reported on January 19 2016. It allows the WebEx extension …

Firefox SVG Animation Remote Code Execution CVE-2016-9079

Introduction: A zero-day exploit against Tor Browser and Firefox has been observed in the wild. The exploit is initiated when a target accesses a compromised web page or a web page hosted by an attacker. The vulnerability has been assigned CVE-2016-9079 and Bugzilla ID 1321066. The exploit targets a use-after-free vulnerability …

Windows Disk Cloning Vulnerability CVE-2016-7224

Introduction: Microsoft released many fixes in the month of November; MS16-138 focuses on the virtual hard disk (VHD) driver vulnerabilities. In this article we will focus on CVE-2016-7224, which Google Project Zero disclosed to Microsoft. The vulnerability also compromises confidentiality, as it leaks information. We will first provide some background about virtual disks …

IE Information Disclosure 0-day used in Malvertising campaigns and Neutrino EK

Introduction: The success of an exploit kit depends on many parameters: infecting effective targets and avoiding honeypots, sandboxes and researchers, who are always on the lookout for new exploit kits to expose to the world. An exploit kit that is stealthy will have a longer lifetime and gain more reputation. This is reflected in an EK’s capability …

Dirty COW – CVE-2016-5195

Introduction: A privilege escalation vulnerability in the Linux kernel has been discovered by Phil Oester. The bug has existed since version 2.6.22, which was released in 2007, and was fixed on Oct 18 2016. The bug allows an unprivileged, authenticated local user to gain write access to read-only memory mappings. A number …

Windows Kernel Elevation of Privilege Vulnerability (CVE 2016-3371)

Introduction: The Windows registry is a hierarchical tree with nodes called keys; each key can contain subkeys or values, and a logical group of keys is called a hive. By default, Windows has 7 standard hives. There are many reasons to target the registry: to gain persistence by modifying entries, to obtain user and system …

Internet Explorer Information Disclosure Vulnerability (CVE-2016-3321)

Internet Explorer can reveal the existence of a file based on how it handles file URIs like file://…. By default, IE implements Local Machine Zone Lockdown (LMZL) to prevent access to file URIs and alerts the user via an error dialog box irrespective of the existence of the file. Furthermore, IE restricts execution of scripts based on …