A double free vulnerability in Adobe Reader was disclosed. CVE-2018-4990 has been assigned to track this vulnerability. Upon successful exploitation an attacker can achieve arbitrary code execution. The vulnerability has been exploited in the wild via crafted pdf document. Adobe has released APSB18-09 to address this vulnerability. Please check the advisory for the list of affected … Continue reading “Adobe Reader Double Free Vulnerability : CVE-2018-4990”
Tag: Heap Spray
EternalBlue SMB Exploit
UPDATED: May 12, 2017 In what may be the first public weaponizing of April’s Shadow Brokers dump of NSA exploits, a ransomware attack has crippled IT systems globally and disrupted operations at major organizations, including patient services at UK hospitals. WannaCry exploits the ETERNALBLUE vulnerability and please refer to the Qualys blog on WannaCry for … Continue reading “EternalBlue SMB Exploit”