contagio

Tuesday, June 8, 2010

Jun 8 Adobe 0 Day CVE-2010-1297 POC by Joshua J. Drake.

The vulnerability (CVE-2010-1297) causes the application to crash and could be used to run arbitrary code. This means that malicious files could be downloaded or dropped on the affected system.

CVE-2010-1297 POC by Joshua J. Drake.
http://qoop.org
http://twitter.com/jduck1337/


POC here (will crash your browser): http://qoop.org/security/poc/cve-2010-1297

The POC is based on the same sample as the one in the post "Jun 7 Adobe 0 day CVE-2010-1297 11d2f8d754f3e52893c631f0.pdf".

Download POC files (password infected)






Posted by Mila at 11:56 AM Tags: - ADOBE FLASH 10.0.45.2, - ADOBE READER + ACROBAT 9.3.2, CVE-2010-1297, Samples
