[This blog was primarily written by Xiaoning Li of Intel Labs, with assistance from Peter Szor of McAfee Labs.] In February 2013, the Adobe Product Security Incident Response Team (PSIRT) released
Category: ASLR
As promised in our previous blog entry for the recent Adobe Reader PDF zero-day attack, we now offer more technical details on this Reader “sandbox-escape” plan. In order to help reader
On February 7, Adobe issued a security bulletin warning of zero-day attacks that leverage two Flash vulnerabilities. One (CVE-2013-0634) is related to ActionScript regular expression handling. (Som
On June 1, McAfee Labs discovered a new Microsoft Internet Explorer zero-day attack that is active in the wild and exploits a use-after-free vulnerability. We have successfully reproduced it with t