Home page logo

fulldisclosure logo Full Disclosure mailing list archives

The Anatomy of COM Server-Based Binary Planting Exploits
From: "ACROS Security Lists" <lists () acros si>
Date: Tue, 24 May 2011 21:52:34 +0200

Our new blog post describes in detail how the binary planting exploits we presented
at Hack In The Box Amsterdam work. Watch a user on IE8/XP getting pwned by two single
clicks on a web page, and a user on IE9/Win7 getting pwned by selecting an option
from a context menu.


Last year we launched our Advanced binary planting research project aimed at
exploring the exploitability of various binary planting bugs, and have since gathered
a pile of interesting knowledge, some of which is finally ready to see the light of
day. Enjoy the reading.

Best regards,

Mitja Kolsek

ACROS, d.o.o.
Makedonska ulica 113
SI - 2000 Maribor, Slovenia
tel: +386 2 3000 280
fax: +386 2 3000 282
web: http://www.acrossecurity.com

ACROS Security: Finding Your Digital Vulnerabilities Before Others Do

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  By Date           By Thread  

Current thread:
  • The Anatomy of COM Server-Based Binary Planting Exploits ACROS Security Lists (May 24)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]