skip to main | skip to sidebar

Roee Hay

Home
Posts RSS
Comments RSS
Contact

Babylon Cross-Application Scripting Code Execution

Posted by Roee Hay on Wednesday, November 10, 2010 /

Recently Yair Amit and I have discovered a Cross-Application Scripting vulnerability in Babylon which could lead to code execution.

Full details can be obtained from the following references:
1. Blog post
2. Advisory
3. Proof of concept:

-Roee

0 comments:

Newer Post Older Post Home

Blog Archive

► 2012 (1)
- ► March (1)
  - DNS poisoning via Port Exhaustion #3 on Top Ten We...

► 2011 (2)
- ► October (1)
  - DNS poisoning via Port Exhaustion
- ► August (1)
  - Android Browser Cross-Application Scripting (CVE-2...

▼ 2010 (1)
- ▼ November (1)
  - Babylon Cross-Application Scripting Code Execution...

► 2009 (5)
- ► August (2)
  - Exploitation of CVE-2009-1869
  - Advisory: Adobe Flash Player and AIR AVM2 intf_cou...
- ► July (1)
  - Adobe Flash Player Integer Overflow Remote Code Ex...
- ► June (1)
  - Apple QuickTime Image Description Atom Sign Extens...
- ► February (1)
  - Adobe Flash Player Update

► 2008 (1)
- ► October (1)
  - Graphviz Buffer Overflow Code Execution

► 2007 (1)
- ► November (1)
  - Untrusted Gateways - Open wireless networks

About Me

Roee Hay: Security Researcher working for IBM

View my complete profile

Disclaimer

The postings on this site are my own and don't necessarily represent IBM's positions, strategies or opinions.

Copyright 2009 Roee Hay All rights reserved. Powered by Blogger

Blogger Template created by Deluxe Templates | Wordpress by NeoEase.