<![CDATA[ZDI: Published Advisories]]> http://www.zerodayinitiative.com/advisories/published/ Wed Apr 16 21:58:20 2014 +0000 zdi@tippingpoint.com (Author) Tippingpoint, all rights reserved ZDI Bird Feeder en http://blogs.law.harvard.edu/tech/rss <![CDATA[ZDI-14-092: (Pwn2Own) Adobe Flash ExternalInterface Use-After-Free Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/it68CtcQjOU/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/it68CtcQjOU" height="1" width="1"/> Fri, 11 Apr 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-092/ <![CDATA[ZDI-14-091: (Pwn2Own) Apple Safari Heap Buffer Overflow Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/nh9ScK0PK_I/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/nh9ScK0PK_I" height="1" width="1"/> Fri, 11 Apr 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-091/ <![CDATA[ZDI-14-090: (Pwn2Own\Pwn4Fun) Apple Webkit JSStringJoiner Memory Corruption Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/uQBd9VCObpk/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple WebKit. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/uQBd9VCObpk" height="1" width="1"/> Fri, 11 Apr 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-090/ <![CDATA[ZDI-14-089: (Pwn2Own) Google Chrome Directory Traversal Sandbox Escape Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/alvn0-Q6Wa8/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/alvn0-Q6Wa8" height="1" width="1"/> Fri, 11 Apr 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-089/ <![CDATA[ZDI-14-088: (Pwn2Own) Google Chrome V8 Arbitrary Memory Read/Write Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/EBM2ZJAY7Jk/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/EBM2ZJAY7Jk" height="1" width="1"/> Fri, 11 Apr 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-088/ <![CDATA[ZDI-14-087: (Pwn2Own) Google Chrome Clipboard Sandbox Escape Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/1y5NBEixBdI/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/1y5NBEixBdI" height="1" width="1"/> Fri, 11 Apr 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-087/ <![CDATA[ZDI-14-086: (Pwn2Own) Google Chrome Blink Use-After-Free Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/QsdViM8XLhs/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Google Chrome. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/QsdViM8XLhs" height="1" width="1"/> Fri, 11 Apr 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-086/ <![CDATA[ZDI-14-085: (Pwn2Own) Mozilla Firefox TypedArrayObject Out-Of-Bounds Write Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/JZ1NVvZvo4Q/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/JZ1NVvZvo4Q" height="1" width="1"/> Fri, 11 Apr 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-085/ <![CDATA[ZDI-14-084: (Pwn2Own) Mozilla Firefox ArrayBuffer Out-Of-Bounds Read/Write Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/SuuslT-J76g/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/SuuslT-J76g" height="1" width="1"/> Fri, 11 Apr 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-084/ <![CDATA[ZDI-14-083: (Pwn2Own) Mozilla Firefox TypeObject Use-After-Free Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/LvAjw80cT-A/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mozilla Firefox. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/LvAjw80cT-A" height="1" width="1"/> Fri, 11 Apr 2014 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-14-083/