Re: [Full-disclosure] Exploiting memory corruption vulnerabilities on Internet Explorer 8

2009-10-03 Thread yersinia
On Thu, Oct 1, 2009 at 6:44 PM, Freddie Vicious fred.vici...@gmail.com wrote: Yes, I am aware of the JVM and the Flash AVM heap spray techniques, no DEP/ASLR there... But as you said, so far there's no known catch-all technique against IE8. Along with other security features (

Re: [Full-disclosure] Exploiting memory corruption vulnerabilities on Internet Explorer 8

2009-10-03 Thread Freddie Vicious
Yeah, that's pretty obvious that there's one way or another to bypass DEP and ASLR, but if you choose not to share it and don't have anything useful to say, it'll be better not to say anything. On Thu, Oct 1, 2009 at 12:55 PM, Berend-Jan Wever berendjanwe...@gmail.com wrote: FYI: ASLR DEP can be

[Full-disclosure] Exploiting memory corruption vulnerabilities on Internet Explorer 8

2009-10-01 Thread Freddie Vicious
Microsoft released Internet Explorer 8 on March 19, 2009, and up to now there's no reliable method to exploit memory corruption vulnerabilities on it? I mean, on IE6 and IE7 we had SkyLined's heap spray technique, first seen in the IFRAME overflow exploit [1], which has been used by almost every

Re: [Full-disclosure] Exploiting memory corruption vulnerabilities on Internet Explorer 8

2009-10-01 Thread Jared DeMott
Freddie Vicious wrote: Microsoft released Internet Explorer 8 on March 19, 2009, and up to now there's no reliable method to exploit memory corruption vulnerabilities on it? I mean, on IE6 and IE7 we had SkyLined's heap spray technique, first seen in the IFRAME overflow exploit [1], which

Re: [Full-disclosure] Exploiting memory corruption vulnerabilities on Internet Explorer 8

2009-10-01 Thread Freddie Vicious
Yes, I am aware of the JVM and the Flash AVM heap spray techniques, no DEP/ASLR there... But as you said, so far there's no known catch-all technique against IE8. Along with other security features (

Re: [Full-disclosure] Exploiting memory corruption vulnerabilities on Internet Explorer 8

2009-10-01 Thread Berend-Jan Wever
FYI: ASLR DEP can be bypassed on x86, there's just nothing public at the moment. Cheers, SkyLined Berend-Jan Wever berendjanwe...@gmail.com http://skypher.com/SkyLined On Thu, Oct 1, 2009 at 6:44 PM, Freddie Vicious fred.vici...@gmail.com wrote: Yes, I am aware of the JVM and the Flash

Re: [Full-disclosure] Exploiting memory corruption vulnerabilities on Internet Explorer 8

2009-10-01 Thread Valdis Kletnieks
On Thu, 01 Oct 2009 21:55:37 +0200, Berend-Jan Wever said: FYI: ASLR DEP can be bypassed on x86, there's just nothing public at the moment. Is that "I believe it can, but there's no proof yet", or, based on non-public sources, "I know for a fact it can"?

Re: [Full-disclosure] Exploiting memory corruption vulnerabilities on Internet Explorer 8

2009-10-01 Thread Michal Zalewski
Along with other security features (http://blogs.msdn.com/architecture/archive/2009/08/13/internet-explorer-8-rated-tops-against-malware-and-phishing-attacks.aspx) this basically means that IE8 is the most secure web browser nowadays? If memory serves me right, it's been a while since we've