labunixのブックマーク - はてなブックマーク

CVE-2012-1875 links and samples
CVE-2012-1875 Internet Explorer 8 exploit has been publ icly available from various sources for a few days. I am adding it here for reference. For analysis info, see the AlienVault link below and the Metasploit module and demo. P.S. In case you wonder, I have not stopped doing malware analysis, I still do, but as as a longer term offline project combined with studying/reading. I pause what I am do
labunix 2012/06/19
“contagio: CVE-2012-1875 links and samples”
リンク
Mar 2 CVE-2012-0754 SWF in DOC Iran's Oil and Nuclear Situation.doc
Update: March 9, 2012 - I added another sample donated by anonymous - it is the same exploit but embedded in an Excel spreadsheet. The details about this sample are highlighted in yellow below. This is a message from a targeted attack and quite possibly you already received a few on your own - there seem to be a new campaign underway using this new CVE-2012-0754 exploit. The vulnerability exists
labunix 2012/03/08
リンク
Feb 9 CVE-2011-1980 MSOffice DLL Loading vulnerability + Trojan Nflog
On February 9, 2012 Symantec disclosed that the previously patched MS Office insecure library loading vulnerability was exploited in the wild. DLL loading vulnerabilities were used in targeted attacks at least with two other exploits in 2011 and they did not reach epidemic proportions like it happend with CVE-2010-3333 RTF or some of the Adobe PDF exploits. I refer to Contagio: Sept. 23 CVE-2011-1
labunix 2012/02/17
リンク
1