java

SUN Jucheck.exe – Untrusted Library Loading Execution Code

We have discovered that the product "Java/Jucheck.exe" presents a big hole regarding a DLL hijacking;The basis of this exploit is the way in which Pythonw works and how it loads DLL files More »

python

Pythonw Warnings.dll – Untrusted Library Loading Execution Code

We have discovered that the product "Pythonw" presents a big hole regarding a DLL hijacking;The basis of this exploit is the way in which Pythonw works and how it loads DLL files More »

MS9

Internet Explorer 9 – Iedvtool.dll Malformed HTML Null Pointer Dereference Vulnerability

We have discovered that the product "Internet Explore 9 / Developer Tool F12 " presents a big hole regarding a Remote NULL Pointer Dereference , crashing the application when you run special More »

java_logo[1]

Java VM: Java HotSpot(TM) Client VM – Access Violation Memory

We have discovered that the product "JRE 6.0_25 Java HotSpot(TM)Client VM" presents a big hole regarding an Access Violation Code , crashing the application when you run special code. More »

java

JRE 6.0_25 Java HotSpot(TM)Client VM – Access Violation Memory

We have discovered that the product "JRE 6.0_25 Java HotSpot(TM)Client VM " presents a big hole regarding an Access Violation Code,crashing the application when you run special code. More »

ibm_1

IBM.com – buzz.nsf – Cross-site Scripting/Remote Execution Code

We have discovered that the product "IBM Corporation" presents a big hole regarding a Cross-site Scripting/Remote Execution Code attacks. More »

wm_screen

Warner Music – SQL Injection/Remote Execution Code

We have discovered that the product warnermusic.com.ar presents a big hole regarding a Cross-site Scripting/Remote Execution Code attacks. More »

Mozilla-Firefox-5

Mozilla Firefox 5.0 – Malformed HTML Denial of Service Vulnerability

We have discovered that the product "Mozilla Firefox 5.x " presents a big hole regarding some special tags , and the application has a perfect Denial Of Service. More »

Microsoft Windows -Tipskins.dll Malformed HTML Null Pointer Dereference Vulnerability

September 13, 2011   admevil   No comments

Author(s): Ivan Sanchez & Hernan Hegykozi
Contact Us: security@evilcode.com.ar
Versions: Microsoft  Windows Tipskins.dll
Date: 13/10/2011
Product: Microsoft Windows Vista/Seven Tipskins.dll
Vendor: Notified
Internal Id: MSRC 11642

We have discovered that the product “Microsoft Windows Vista/Seven Tipskins.dll” presents a big hole regarding a Remote NULL Pointer Dereference , crashing the application when you run special  code .

Read More

Microsoft Visual Studio 2010 – Vsabv10dt.dll Malformed HTML Null Pointer Dereference Vulnerability

September 13, 2011   admevil   No comments

Author(s): Ivan Sanchez & Hernan Hegykozi
Contact Us: security@evilcode.com.ar
Versions: Microsoft Visual Studio 2010 / Vsabv10dt.dll
Date: 13/10/2011
Product: Microsoft Microsoft Visual Studio 2010/ VVsabv10dt.dll
Vendor: Notified
Internal Id: MSRC 11644

We have discovered that the product “Microsoft Visual Studio 2010 – Vsabv10dt.dll” presents a big hole regarding a Remote NULL Pointer Dereference , crashing the application when you run special  code .

Read More

Microsoft Office 2010 BCSAutogen.dll – Remote Unhandled exception Vulnerability

September 10, 2011   admevil   1 Comment

Author(s): Ivan Sanchez & Hernan Hegykozi
Contact Us: security@evilcode.com.ar
Versions: Microsoft Office 2010 Component  BCSAutogen.dll
Date: 10/10/2011
Product: Microsoft Office 2010 Component  BCSAutogen.dll
Vendor: Notified
Internal Id: MSRC 11641

We have discovered that the product “Microsoft Office 14 Component  BCSAutogen.dll” presents a big hole regarding an unhandled exception rather than a memory corruption, crashing the application when you run special  code .

Read More

Quick Time Player 7.6.9 – ActiveX Control Buffer Overflow Vulnerability

September 06, 2011   admevil   No comments

Author(s): Ivan Sanchez & Hernan Hegykozi
Contact Us: security@evilcode.com.ar
Versions: QuickTimePlayer_7.6.9
Date: 06/09/2011
Product:QuickTimePlayer_7.6.9
Vendor Notified: 2 months ago  “Apple Inc  / bugreport.apple.com ”
Problem ID: 9753778

We have discovered that the product “QuickTimePlayer_7.6.9″ presents a big hole regarding an ActiveX Control Buffer Overflow, crashing the application when you run special code.


Read More

VMware Exe’s Files Affected – Access Violation Memory Vulnerability

September 05, 2011   admevil   No comments

Author(s): Ivan Sanchez & Hernan Hegykozi
Contact Us: security@evilcode.com.ar
Versions: VMware Virtual Image Editing Framework 4.0.0 build-111735
Date: 05/09/2011
Product:VMware Virtual Image Editing Framework 4.0.0 build-111735
Vendor Notified: VMware Inc.

We have discovered that the product “VMware Virtual Image Editing Framework 4.0.0 build-111735″ presents a big hole regarding an Access Violation Code , crashing the application when you run special code.


Read More

VMware Virtual Image Editing Framework – DLL Untrusted Library Loading Execution Code

September 05, 2011   admevil   No comments

Author(s): Ivan Sanchez & Hernan Hegykozi
Contact Us: security@evilcode.com.ar
Versions: VMware Virtual Image Editing Framework 4.0.0 build-111735
Date: 05/09/2011
Product: VMware Virtual Image Editing Framework
Vendor Notified: VMware Inc.

We have discovered that the product “VMware Virtual Image Editing Framework 4.0.0 build-111735″ presents a big hole as regard to DLL hijacking;The basis of this exploit is the way in which Python works and how it loads DLL files used by many applications, if an application calls a DLL without specifying an absolute path Windows will conduct a search for the DLL file in various set locations.

Read More

Microsoft Visual Studio 2010 – Vswizard.dll Malformed HTML Null Pointer Dereference Vulnerability

September 01, 2011   admevil   No comments

Author(s): Ivan Sanchez & Hernan Hegykozi
Contact Us: security@evilcode.com.ar
Versions: Microsoft Visual Studio 2010
Date: 01/10/2011
Product: Microsoft Visual Studio 2010
Vendor: Notified
Internal Id: MSRC 11643

We have discovered that the product “Microsoft Visual Studio 2010″ presents a big hole regarding a Remote NULL Pointer Dereference , crashing the application when you run special  code .

Read More

Python 3.2 – DLL Untrusted Library Loading Execution Code

August 28, 2011   admevil   No comments

Author(s): Ivan Sanchez & Hernan Hegykozi
Contact Us: security@evilcode.com.ar
Versions: Python 3.1 3.2 Pythonw
Date: 28/08/2011
Product: Python
Vendor: Notified

We have discovered that the product “Python 3.1 / 3.2″ presents a big hole as regard to DLL hijacking;The basis of this exploit is the way in which Python works and how it loads DLL files used by many applications, if an application calls a DLL without specifying an absolute path Windows will conduct a search for the DLL file in various set locations.


Read More
« Older posts

  • Recent Comments

    • Arbaches: Java has a big hole, used by outsiders to control »
    • muhammad faisal: i like »
    • Ivan: Hi Jerr!! How are you doing? Ivan- »
    • Ivan: Hi ! How are you? Ivan- »
    • Ivan: Hello, Yeap! we are in FB /Twitter, How are you? »