Hey there,
I was actually going to post about this myself, but OK :). For anyone
interested, Adobe recently released a patch for Flash Player that addressed
several vulnerabilities, one of which I discovered. I found a pretty
interesting way to get reliable execution by leveraging the mechanics of the
ActionScript Virtual Machine (AVM). Essentially the technique revolves
around being able to run unverified ActionScript, which is decidedly bad as
it turns out. As Dave already pointed out, the document is availables at
http://documents.iss.net/whitepapers/IBM_X-Force_WP_final.pdf.
Enjoy!
-mark
PS. I still don't know anything about X.25!
On Sat, Apr 12, 2008 at 8:49 AM, Dave Aitel <dave.aitel_at_gmail.com> wrote:
> http://documents.iss.net/whitepapers/IBM_X-Force_WP_final.pdf
>
> Word up to duke who once, long ago, was just another cool cat trying to
> learn X.25 on the Internet Relay Chat.
>
> -dave
>
>
> _______________________________________________
> Dailydave mailing list
> Dailydave_at_lists.immunitysec.com
> http://lists.immunitysec.com/mailman/listinfo/dailydave
>
>
_______________________________________________
Dailydave mailing list
Dailydave_at_lists.immunitysec.com
http://lists.immunitysec.com/mailman/listinfo/dailydave
Received on Apr 11 2008
Intro
