[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vp / vr / w / wg / wsg / wsr / x / y ] [Home]
4chanarchives logo
52 multiplatform vulnerabilities
Images are sometimes not shown due to bandwidth/network limitations. Refreshing the page usually helps.

You are currently reading a thread in /g/ - Technology
Thread replies: 15
Thread images: 2
Anonymous
52 multiplatform vulnerabilities 2016-07-15 01:41:59 Post No. 55580908
[Report] Image search: [Google]
File: amm.jpg (32 KB, 600x608) Image search: [Google]
amm.jpg
32 KB, 600x608
52 multiplatform vulnerabilities Anonymous 2016-07-15 01:41:59 Post No. 55580908 [Report]
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html#table

>Platform: Windows, Macintosh, Linux and ChromeOS

>These updates resolve a race condition vulnerability that could lead to information disclosure (CVE-2016-4247).

>These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-4223, CVE-2016-4224, CVE-2016-4225).

>These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, CVE-2016-4248).

>These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-4249).

>These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, CVE-2016-4246).

>These updates resolve a memory leak vulnerability (CVE-2016-4232).

>These updates resolve stack corruption vulnerabilities that could lead to code execution (CVE-2016-4176, CVE-2016-4177).

>These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2016-4178)
>>
Anonymous 2016-07-15 01:49:14 Post No.55580970
[Report]
Anonymous 2016-07-15 01:49:14 Post No.55580970 [Report]
>>55580908
>Adobe
This is why you need to extinguish hindus and their technology
>>
Anonymous 2016-07-15 01:54:11 Post No.55581011
[Report]
Anonymous 2016-07-15 01:54:11 Post No.55581011 [Report]
>>55580908
>oh look. it say "vulnerability". i need to spam it everywhere

do you even know what they are referring to. if you don't then you're an idiot for posting that.
>>
Anonymous 2016-07-15 01:57:33 Post No.55581044
[Report]
Anonymous 2016-07-15 01:57:33 Post No.55581044 [Report]
>use after free
>heap buffer overflow
>memory corruption

See, C is unsafe as fuck.
>>
Anonymous 2016-07-15 02:01:45 Post No.55581090
[Report]
Anonymous 2016-07-15 02:01:45 Post No.55581090 [Report]
>>55581011
https://cve.mitre.org/about/terminology.html

I understand you probably meant they are alone not exploits, but if you don't find this situation grave you should revise your standards.
>>
Anonymous 2016-07-15 02:08:49 Post No.55581159
[Report]
Anonymous 2016-07-15 02:08:49 Post No.55581159 [Report]
>>55581044
How are you sure this was written in C? For all we know it might even have been plain assembly.

Also, it is not like managed languages are fail proof.
>>
Anonymous 2016-07-15 02:10:48 Post No.55581175
[Report]
Anonymous 2016-07-15 02:10:48 Post No.55581175 [Report]
>>55581159
Pretty sure that Flash is not written in any assembly.

They don't have issues with them that are this bad.
>>
Anonymous 2016-07-15 02:12:21 Post No.55581195
[Report]
Anonymous 2016-07-15 02:12:21 Post No.55581195 [Report]
>>55581175
Well, surely not in full, but I would be surprised if there are not some parts of it that are.
>>
Anonymous 2016-07-15 02:18:07 Post No.55581251
[Report]
Anonymous 2016-07-15 02:18:07 Post No.55581251 [Report]
>>55581044
i can "recreate" all of that in any non-memory managed language

>inb4 i can crash a car by """forgetting""" to break on curves
>>
Anonymous 2016-07-15 02:20:31 Post No.55581274
[Report]
Anonymous 2016-07-15 02:20:31 Post No.55581274 [Report]
>>55581251
Ok, show me an example of use after free in python.
>>
Anonymous 2016-07-15 02:32:45 Post No.55581385
[Report] Image search: [Google]
Anonymous 2016-07-15 02:32:45 Post No.55581385 [Report]
File: py.png (465 KB, 1080x1573) Image search: [Google]
py.png
465 KB, 1080x1573
>>55581274
ill do you one better, ill fuck your ints
>>
Anonymous 2016-07-15 02:35:00 Post No.55581405
[Report]
Anonymous 2016-07-15 02:35:00 Post No.55581405 [Report]
>>55581385
Of course, IntStruct.from_address is a method you would accidentally use in your code.
>>
Anonymous 2016-07-15 02:39:57 Post No.55581467
[Report]
Anonymous 2016-07-15 02:39:57 Post No.55581467 [Report]
>>55581405
really nigga? is that your reply to
>i can crash stuff if i want to
>except in python
>yea i can
?
you do know static code analysis tools exist right? cmon...
>>
Anonymous 2016-07-15 03:28:31 Post No.55582040
[Report]
Anonymous 2016-07-15 03:28:31 Post No.55582040 [Report]
Kinda weird how they find half a dozen new vulnerabilities per week, every week for several years.
>>
Anonymous 2016-07-15 03:36:57 Post No.55582138
[Report]
Anonymous 2016-07-15 03:36:57 Post No.55582138 [Report]
>>55581274
No serious programmer uses Python though
Thread replies: 15
Thread images: 2
banner
banner
[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vp / vr / w / wg / wsg / wsr / x / y] [Home]
All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
If a post contains personal/copyrighted/illegal content you can contact me at [email protected] with that post and thread number and it will be removed as soon as possible.
DMCA Content Takedown via dmca.com
All images are hosted on imgur.com, send takedown notices to them.
This is a 4chan archive - all of the content originated from them. If you need IP information for a Poster - you need to contact them. This website shows only archived content.