contagio: 2011-2100

Pages

Home
Search the Interwebs

Mobile and print friendly view |

Showing posts with label 2011-2100. Show all posts

Showing posts with label 2011-2100. Show all posts

Monday, June 20, 2011

Apr 13 CVE-2011-2100 PDF - Adobe DLL Loading Vulnerability - Agenda.7z

Common Vulnerabilities and Exposures (CVE)number

CVE-2011-2100 Adobe Acrobat and Reader DLL Loading Arbitrary Code Execution Vulnerability.

Untrusted search path vulnerability in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory.

It was patched by Adobe on June 14, 2011.
References and related articles

APSB11-16 Security updates available for Adobe Reader and Acrobat (Adobe) June 14, 2011
Microsoft Security Advisory 2269637 Released (Microsoft: DLL preloading attacks post of 21 Aug 2010 )
Security Focus

Posted by Mila at 6:40 AM 5 comments Tags: 2011-2100 Links to this post

Older Posts Home

Subscribe to: Posts (Atom)

Shared by

Mila

View my complete profile

About contagio

Contagio is a collection of the latest malware samples, threats, observations, and analyses. Note: Zip files passwords: Contact me via email (see my profile) for the passwords or the password scheme. If you see errors, typos, etc, please let me know.

Malware samples are available for download by any responsible whitehat researcher. By downloading the samples, anyone waives all rights to claim punitive, incidental and consequential damages resulting from mishandling or self-infection.

About Contagio Mobile

aka "take a sample, leave a sample" Contagio mobile mini-dump is a part of contagiodump.blogspot.com.

Blog Archive

▼ 2020 (1)
- ▼ April (1)
  - KPOT info stealer samples

► 2019 (5)
- ► December (1)
- ► October (3)
- ► June (1)

► 2018 (1)
- ► March (1)

► 2017 (4)
- ► October (1)
- ► March (2)
- ► February (1)

► 2016 (4)
- ► August (2)
- ► March (1)
- ► February (1)

► 2015 (6)
- ► August (1)
- ► May (1)
- ► March (1)
- ► February (2)
- ► January (1)

► 2014 (5)
- ► November (3)
- ► October (1)
- ► July (1)

► 2013 (17)
- ► November (1)
- ► September (1)
- ► August (2)
- ► June (1)
- ► May (1)
- ► April (2)
- ► March (3)
- ► February (5)
- ► January (1)

► 2012 (59)
- ► December (15)
- ► November (3)
- ► October (3)
- ► September (3)
- ► August (9)
- ► July (2)
- ► June (5)
- ► May (6)
- ► April (7)
- ► March (3)
- ► February (2)
- ► January (1)

► 2011 (77)
- ► December (1)
- ► November (4)
- ► October (8)
- ► September (7)
- ► August (4)
- ► July (8)
- ► June (13)
- ► May (4)
- ► April (11)
- ► March (8)
- ► February (4)
- ► January (5)

► 2010 (191)
- ► December (4)
- ► November (9)
- ► October (4)
- ► September (10)
- ► August (17)
- ► July (19)
- ► June (20)
- ► May (16)
- ► April (22)
- ► March (25)
- ► February (15)
- ► January (30)

► 2009 (56)
- ► December (27)
- ► November (14)
- ► October (7)
- ► September (2)
- ► June (2)
- ► May (3)
- ► April (1)

► 2008 (1)
- ► May (1)

Shortcuts

RE blogs collection
Mobile Malware mini-dump. Take a sample, leave a sample.
Mobile Malware Google Group
CURRENT PDF THREATS - Malware Tracker
Defcon 18 Materials (CD)- 2010 Las Vegas
Black Hat USA 2010 (Las Vegas and DC) materials
************** ViCheck.ca - Malware check tool*************
APT malware
APT - Advanced Persistent Threat / Targeted Attacks links
Collection of Web Backdoors & Shells
Dictionary. Ru (computer slang) - Eng (Google machine) - Eng (human)
Malware Analysis -- Links and resources for malware samples
Malware Analysis and Forensics tools links
Overview of Exploit Packs
Crimepack 3.1.3 Exploit kit info
Phoenix 2.0 Exploit kit
Top Twenty (Former Top Ten) targeted attack emails of 2009-2010
ZeuS Version scheme by the trojan author
Zeus Trojan Research Links

Categories - sort of

Blog List

0day.jp (ゼロデイ.JP)

#OCJP-136: 「FHAPPI」 Geocities.jpとPoison Ivy(スパイウェア)のAPT事件
3 years ago
Andre' M. DiMino SemperSecurus

Another look at a cross-platform DDoS botnet
6 years ago
Antivirus Comparison. Compare antivirus reviews and ratings
Axtaxt's Blog

Analyzing the “ecological footprint” of java algorithms
5 years ago
Carnal0wnage & Attack Research Blog

WeirdAAL update - get EC2 snapshots
4 weeks ago
chackraview.net
Crucial Security Forensics Blog

SANS DFIR Summit in Austin, TX
7 years ago
CyberESI

Measuring up to the NIST Cybersecurity Framework: A Q&A with Matt Barrett
11 months ago
Didier Stevens

FalsePositive GitHub Repository
5 days ago
extraexploit

extraexploit memories
7 years ago
F-Secure Antivirus Research Weblog

Soon…
4 years ago
FireEye Malware Intelligence Lab

YAJ0: Yet Another Java Zero-Day
7 years ago
Forensics from the sausage factory

Imaging drives protected with Apple FileVault2 encryption
5 years ago
inREVERSE

Correctly Getting Your Liquor, Beer as well as Wine Supply Order
4 years ago
Krebs on Security

Turn on MFA Before Crooks Do It For You
1 day ago
Malware Diaries
Nart Villeneuve

Targeted Not Targeted
3 months ago
Reversemode

Project Basecamp - Attacking ControlLogix
4 years ago
StopMalvertising RSS Feed

ZeuS GameOver uses .NET cryptor and invites Zemot
5 years ago
Targeted Email Attacks

Hiatus
2 years ago
The Dark Visitor

Unnatural Selection by Mara Hvistendahl
9 years ago
Veiled Shadows

No more echo chambers.
9 years ago
Xecure Lab

注意! ,最新 CVE-2014-4114 PPSX 漏洞已經被利用在攻擊台灣政府單位的APT中 ! Xecure lab discovers new variant of CVE-2014-4114 in Taiwan APT attacks (CVE-2014-4114 with APT Malware Embedded )
5 years ago
XyliBox

Citadel 0.0.1.1 (Atmos)
4 years ago

Search This Blog

Malware Lists and Collections

* Malicious documents archive for signature testing and research
* Mobile Malware Collection
* I want it ALL

Adobe Reader versions vs corresponding exploits (CVE numbered) - Downloads for testing

Microsoft and Adobe Flash patches vs corresponding document and web exploits (non PDF, CVE numbered)

Malware list (don't think i have time to keep it up) --- the the malware list is moving here
Malware list (OLD) -- no new updates

PCAP Collections

Subscribe To

Posts

Posts

All Comments

All Comments

Follow by Email

Powered by Blogger.