Use After Free – Page 3 – Computer Security Articles

Credit to Author: SSD / Maor Schwartz| Date: Thu, 23 Nov 2017 06:59:02 +0000

Vulnerability Summary The following advisory describes a Use-after-free vulnerability found in Linux kernel that can lead to privilege escalation. The vulnerability found in Netlink socket subsystem – XFRM. Netlink is used to transfer information between the kernel and user-space processes. It consists of a standard sockets-based interface for user space processes and an internal kernel … Continue reading SSD Advisory – Linux Kernel XFRM Privilege Escalation

Independent Securiteam

SSD Advisory – Linux Kernel AF_PACKET Use-After-Free

October 17, 2017 admin Privilege Escalation, SecuriTeam Secure Disclosure, Use After Free

Credit to Author: SSD / Maor Schwartz| Date: Tue, 17 Oct 2017 11:42:53 +0000

Vulnerabilities summary The following advisory describes a use-after-free vulnerability found in Linux Kernel’s implementation of AF_PACKET that can lead to privilege escalation. AF_PACKET sockets “allow users to send or receive packets on the device driver level. This for example lets them to implement their own protocol on top of the physical layer or to sniff … Continue reading SSD Advisory – Linux Kernel AF_PACKET Use-After-Free

Independent Securiteam

SSD Advisory – Acrobat Reader DC – Stream Object Remote Code Execution

August 9, 2017 admin Remote Code Execution, SecuriTeam Secure Disclosure, Use After Free

Credit to Author: SSD / Maor Schwartz| Date: Wed, 09 Aug 2017 10:50:38 +0000

Vulnerability Summary The following advisory describes a use after free vulnerability that leads to remote code execution found in Acrobat Reader DC version 2017.009.20044. Credit A security researcher from, Siberas, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program Vendor response The vendor has released patches to address this vulnerability. For more information: … Continue reading SSD Advisory – Acrobat Reader DC – Stream Object Remote Code Execution

Independent Securiteam

SSD Advisory – Nitro Pro PDF Multiple Vulnerabilities

July 24, 2017 admin Directory Traversal, Remote Command Execution, SecuriTeam Secure Disclosure, Use After Free

Credit to Author: SSD / Maor Schwartz| Date: Mon, 24 Jul 2017 05:25:58 +0000

Vulnerabilities Summary The following advisory describes three vulnerabilities found in Nitro / Nitro Pro PDF. Nitro Pro is the PDF reader and editor that does everything you will ever need to do with PDF files. The powerful but snappy editor lets you change PDF documents with ease, and comes with a built-in OCR engine that … Continue reading SSD Advisory – Nitro Pro PDF Multiple Vulnerabilities