Sun, 06 Apr 2008

CVE-2007-0015 and reliable attack vectors

CVE-2007-0015 on Mac OS X Tiger 10.4.6

When the Month of Apple Bugs team published CVE-2007-0015, their exploit used a QTL (QuickTime playlist) file to trigger the bug. Whether they chose this to keep the exploit from being used "en masse" or simply to test a different, less classic attack vector, it is still worth noting that it could have worked far more efficiently via Safari: QuickTime supports embedding playlist files, and the Safari process address space would be easily subverted to ensure a higher degree of reliability when executing our payload.

Sometimes it's good to remember old flaws, and improve old exploit code. Sometimes it's even better to use new attack vectors on old flaws, too.


License

Subreption blog by Subreption LLC is Licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 United States License.