[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vp / vr / w / wg / wsg / wsr / x / y / ] [Home]
4chanarchives logo

52 multiplatform vulnerabilities

  1. Home
  2. Board: /g/ - Technology
  3. Reading: 52 multiplatform vulnerabilities
Thread replies: 15
Thread images: 2

Anonymous
52 multiplatform vulnerabilities 2016-07-15 01:41:59Post No. 55580908
[Report] Image search: [Google] [Yandex] [Bing]
File: amm.jpg (32KB, 600x608px) Image search: [Google] [Yandex] [Bing]
amm.jpg
32KB, 600x608px
52 multiplatform vulnerabilities Anonymous 2016-07-15 01:41:59 Post No. 55580908 [Report]
https://helpx.adobe.com/security/products/flash-player/apsb16-25.html#table

>Platform: Windows, Macintosh, Linux and ChromeOS

>These updates resolve a race condition vulnerability that could lead to information disclosure (CVE-2016-4247).

>These updates resolve type confusion vulnerabilities that could lead to code execution (CVE-2016-4223, CVE-2016-4224, CVE-2016-4225).

>These updates resolve use-after-free vulnerabilities that could lead to code execution (CVE-2016-4173, CVE-2016-4174, CVE-2016-4222, CVE-2016-4226, CVE-2016-4227, CVE-2016-4228, CVE-2016-4229, CVE-2016-4230, CVE-2016-4231, CVE-2016-4248).

>These updates resolve a heap buffer overflow vulnerability that could lead to code execution (CVE-2016-4249).

>These updates resolve memory corruption vulnerabilities that could lead to code execution (CVE-2016-4172, CVE-2016-4175, CVE-2016-4179, CVE-2016-4180, CVE-2016-4181, CVE-2016-4182, CVE-2016-4183, CVE-2016-4184, CVE-2016-4185, CVE-2016-4186, CVE-2016-4187, CVE-2016-4188, CVE-2016-4189, CVE-2016-4190, CVE-2016-4217, CVE-2016-4218, CVE-2016-4219, CVE-2016-4220, CVE-2016-4221, CVE-2016-4233, CVE-2016-4234, CVE-2016-4235, CVE-2016-4236, CVE-2016-4237, CVE-2016-4238, CVE-2016-4239, CVE-2016-4240, CVE-2016-4241, CVE-2016-4242, CVE-2016-4243, CVE-2016-4244, CVE-2016-4245, CVE-2016-4246).

>These updates resolve a memory leak vulnerability (CVE-2016-4232).

>These updates resolve stack corruption vulnerabilities that could lead to code execution (CVE-2016-4176, CVE-2016-4177).

>These updates resolve a security bypass vulnerability that could lead to information disclosure (CVE-2016-4178)
>>
Anonymous 2016-07-15 01:49:14 Post No.55580970
[Report]
Anonymous 2016-07-15 01:49:14 Post No.55580970 [Report]
>>55580908
>Adobe
This is why you need to extinguish hindus and their technology
>>
Anonymous 2016-07-15 01:54:11 Post No.55581011
[Report]
Anonymous 2016-07-15 01:54:11 Post No.55581011 [Report]
>>55580908
>oh look. it say "vulnerability". i need to spam it everywhere

do you even know what they are referring to. if you don't then you're an idiot for posting that.
>>
Anonymous 2016-07-15 01:57:33 Post No.55581044
[Report]
Anonymous 2016-07-15 01:57:33 Post No.55581044 [Report]
>use after free
>heap buffer overflow
>memory corruption

See, C is unsafe as fuck.
>>
Anonymous 2016-07-15 02:01:45 Post No.55581090
[Report]
Anonymous 2016-07-15 02:01:45 Post No.55581090 [Report]
>>55581011
https://cve.mitre.org/about/terminology.html

I understand you probably meant they are alone not exploits, but if you don't find this situation grave you should revise your standards.
>>
Anonymous 2016-07-15 02:08:49 Post No.55581159
[Report]
Anonymous 2016-07-15 02:08:49 Post No.55581159 [Report]
>>55581044
How are you sure this was written in C? For all we know it might even have been plain assembly.

Also, it is not like managed languages are fail proof.
>>
Anonymous 2016-07-15 02:10:48 Post No.55581175
[Report]
Anonymous 2016-07-15 02:10:48 Post No.55581175 [Report]
>>55581159
Pretty sure that Flash is not written in any assembly.

They don't have issues with them that are this bad.
>>
Anonymous 2016-07-15 02:12:21 Post No.55581195
[Report]
Anonymous 2016-07-15 02:12:21 Post No.55581195 [Report]
>>55581175
Well, surely not in full, but I would be surprised if there are not some parts of it that are.
>>
Anonymous 2016-07-15 02:18:07 Post No.55581251
[Report]
Anonymous 2016-07-15 02:18:07 Post No.55581251 [Report]
>>55581044
i can "recreate" all of that in any non-memory managed language

>inb4 i can crash a car by """forgetting""" to break on curves
>>
Anonymous 2016-07-15 02:20:31 Post No.55581274
[Report]
Anonymous 2016-07-15 02:20:31 Post No.55581274 [Report]
>>55581251
Ok, show me an example of use after free in python.
>>
Anonymous 2016-07-15 02:32:45 Post No.55581385
[Report] Image search: [Google] [Yandex] [Bing]
Anonymous 2016-07-15 02:32:45 Post No.55581385 [Report]
File: py.png (465KB, 1080x1573px) Image search: [Google] [Yandex] [Bing]
py.png
465KB, 1080x1573px
>>55581274
ill do you one better, ill fuck your ints
>>
Anonymous 2016-07-15 02:35:00 Post No.55581405
[Report]
Anonymous 2016-07-15 02:35:00 Post No.55581405 [Report]
>>55581385
Of course, IntStruct.from_address is a method you would accidentally use in your code.
>>
Anonymous 2016-07-15 02:39:57 Post No.55581467
[Report]
Anonymous 2016-07-15 02:39:57 Post No.55581467 [Report]
>>55581405
really nigga? is that your reply to
>i can crash stuff if i want to
>except in python
>yea i can
?
you do know static code analysis tools exist right? cmon...
>>
Anonymous 2016-07-15 03:28:31 Post No.55582040
[Report]
Anonymous 2016-07-15 03:28:31 Post No.55582040 [Report]
Kinda weird how they find half a dozen new vulnerabilities per week, every week for several years.
>>
Anonymous 2016-07-15 03:36:57 Post No.55582138
[Report]
Anonymous 2016-07-15 03:36:57 Post No.55582138 [Report]
>>55581274
No serious programmer uses Python though
Thread replies: 15
Thread images: 2
[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vp / vr / w / wg / wsg / wsr / x / y / ] [Home]
All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
If a post contains personal/copyrighted/illegal content you can contact me at [email protected] with that post and thread number and it will be removed as soon as possible.
If a post contains illegal content, please click on its [Report] button and follow the instructions.
This is a 4chan archive - all of the content originated from them. If you need information for a Poster - you need to contact them.
This website shows only archived content and is not affiliated with 4chan in any way.
If you like this website please support us by donating with Bitcoin at 1XVgDnu36zCj97gLdeSwHMdiJaBkqhtMK