If at first you don't succeed; call it version 1.0
Saturday, February 18, 2006

It appears that the severity of the new vulnerability found in Windows Media Player's plug-in for non-IE browsers was downplayed by Microsoft.

According to iDefense's advisory: "Due to unicode translations, shellcode characters are somewhat limited to character code values below 0x80". So, my assumption was that MS ranked this vulnerability with 'Important' severity instead of 'Critical' because of the infeasibility of injecting useful shellcode.

Well, I guess I was wrong. Alphanumeric shellcode can be used, and so can SkyLined's heap spraying method. Both proofs of concept were demonstrated by H D Moore and Matthew Murphy.

Back to the books...


Disclaimer
The opinions expressed herein are my own personal opinions and do not represent my employer's view in any way.