Get a Pentest and security assessment of your IT network.

News

Read From PDF, Write to Edge’s Memory (CVE-2016-0117)

This blog post discusses CVE-2016-0117, a vulnerability in the Windows PDF library (WinRT PDF) that triggered my research of the Segment Heap. The vulnerability is interesting in that it can be used to perform an arbitrary write to Edges content process memory, one of the critical elements for remote code execution. To perform a reliable arbitrary write in the Edge content process, one needs to perform precise layout manipulation of a heap that is managed by the new heap implementation in Windows 10.”]

Source: https://securityintelligence.com/read-from-pdf-write-to-edges-memory-cve-2016-0117/

Related posts
News

Ashley Madison 2.0 Hackers Leak 20GB Data Dump, Including CEO's Emails

News

Art of Twitter account hacking

News

Thousands of Magento websites compromised to serve malware

News

Office 365 Secure Score: An Introduction