Threat Level: Infocon green

Diaries by Keyword: EMET Adobe exploit

DateAuthorTitle

EMET ADOBE EXPLOIT

2010-09-13Manuel Humberto Santander Pelaez Enhanced Mitigation Experience Toolkit can block Adobe 0-day exploit

EMET

2013-01-02Russ McReeEMET 3.5: The Value of Looking Through an Attacker's Eyes
2012-05-16Johannes UllrichMicrosoft released an update for its Enhanced Mitigation Experience Tool (EMET) http://blogs.technet.com/b/srd/archive/2012/05/15/introducing-emet-v3.aspx
2010-09-13Manuel Humberto Santander Pelaez Enhanced Mitigation Experience Toolkit can block Adobe 0-day exploit
2009-11-02Rob VandenBrinkMicrosoft releases v1.02 of Enhanced Mitigation Evaluation Toolkit (EMET)
2008-08-02Maarten Van HorenbeeckIssues affecting sites using Sitemeter [resolved]

ADOBE

2013-05-14Swa FrantzenAdobe May 2013 Black Tuesday Overview
2013-05-10Johannes UllrichMicrosoft and Adobe Patch Tuesday Pre-Release
2013-05-09John BambenekAdobe Releases 0-day Security Advisory for Coldfusion, Exploit Code Available. Advisory here: http://www.adobe.com/support/security/advisories/apsa13-03.html
2013-05-08Johannes Ullrich"De Flashing" the ISC Web Site and Flash XSS issues
2013-04-09Swa FrantzenAdobe April 2013 Black Tuesday Overview
2013-03-12Swa FrantzenAdobe March 2013 Black Tueday
2013-02-27Adam SwangerAdobe Flash Player Security Update - http://www.adobe.com/support/security/bulletins/apsb13-08.html
2013-02-20Johannes UllrichUpdate Palooza
2013-02-17Guy BruneauAdobe Acrobat and Reader Security Update Planned this Week
2013-02-13Swa FrantzenMore adobe reader and acrobat (PDF) trouble
2013-02-07John BambenekAdobe Releases Patches for 0-day Vulnerability in Flash Player for Windows and Mac, Upgrade now: http://www.adobe.com/support/security/bulletins/apsb13-04.html
2013-01-09Rob VandenBrinkSecurity Updates for Adobe Reader / Acrobat - http://www.adobe.com/support/security/bulletins/apsb13-02.html
2013-01-09Rob VandenBrinkSecurity Updates for Adobe Flash - http://www.adobe.com/support/security/bulletins/apsb13-01.html
2013-01-08Richard PorterAdobe Security Bulletins http://blogs.adobe.com/psirt/2013/01/adobe-security-bulletins-posted-4.html
2013-01-04Daniel WesemannPatch pre-notification from Adobe and Microsoft
2012-11-08Daniel WesemannAdobe Patches
2012-10-09Johannes UllrichAdobe Flash Player update http://www.adobe.com/support/security/bulletins/apsb12-22.html
2012-08-21Adrien de BeaupreYYABCAFU - Yes Yet Another Bleeping Critical Adobe Flash Update
2012-08-14Rick WannerAdobe Security Bulletins - http://blogs.adobe.com/psirt/2012/08/adobe-security-bulletins-posted-2.html
2012-06-12Swa FrantzenAdobe June 2012 Black Tuesday patches
2012-05-25Guy BruneauTechnical Analysis of Flash Player CVE-2012-0779
2012-05-12Tony CarothersAdobe Update to Vulnerabilities
2012-05-04Guy BruneauAdobe Security Flash Update
2012-04-10Swa FrantzenAdobe April 2012 Black Tuesday Update
2012-04-06Johannes UllrichAdobe Patch Tuesday Prerelease (Reader/Acrobat) http://www.adobe.com/support/security/bulletins/apsb12-08.html
2012-03-28Kevin ShorttAdobe Flash Player APSB12-07 - 28 March 2012
2012-03-05Johannes UllrichAdobe Flash Player Security Update
2012-02-16Johannes UllrichAdobe Flash Player Update
2012-02-14Johannes UllrichAdobe Shockwave Player and RoboHelp for Word Patches
2012-01-10Adrien de BeaupreAdobe January 2012 Black Tuesday overview
2011-12-13Johannes UllrichDecember 2011 Adobe Black Tuesday
2011-12-08Adrien de BeaupreNewest Adobe Flash 11.1.102.55 and Previous 0 Day Exploit
2011-12-07Lenny ZeltserAdobe Acrobat Latest Zero-Day Vulnerability Fix Coming to All Platforms by January 10
2011-11-11Rick WannerAdobe Air updated to 3.1.0.4880
2011-11-08Swa FrantzenAbobe November 2011 Black Tuesday Overview
2011-10-05Johannes UllrichAdobe SSL Certificate Problem (fixed)
2011-10-01Mark HofmanAdobe Photoshop for Windows Vulnerability (CVE-2011-2443)
2011-09-21Swa FrantzenEmergency patch expected for Flash Player
2011-09-21Guy BruneauAdobe Release Flash Player 10.3.183.10 available at http://get.adobe.com/flashplayer/
2011-09-09Guy BruneauAdobe Publish its List of Trusted Root Certificate - http://www.adobe.com/security/approved-trust-list.html
2011-09-09Guy BruneauAdobe plan to release critical security updates next Tuesday for Acrobat and Reader http://www.adobe.com/support/security/bulletins/apsb11-24.html
2011-08-26Daniel WesemannAdobe Flash stability update to 10.3.183.7. See http://forums.adobe.com/message/3883150
2011-08-09Swa FrantzenAdobe August 2011 Black Tuesday Overview
2011-06-30Guy BruneauAdobe Release Flash Player 10.3.181.34 available at http://get.adobe.com/flashplayer/
2011-06-14Swa FrantzenAdobe releases patches
2011-06-06Johannes UllrichAdobe releases Flash Player patch on a Sunday to combat latest 0day http://www.adobe.com/support/security/bulletins/apsb11-13.html
2011-05-12Chris MohanSecurity updates available for Flash Player, RoboHelp, Audition, and Flash Media Server
2011-04-21Guy BruneauAdobe Reader and Acrobat Security Updates
2011-04-14Johannes UllrichUpdate to Adobe Flash 0-day: Patch will be out soon
2011-04-11Johannes UllrichYet another Adobe Flash/Reader/Acrobat 0 day
2011-03-22Kevin ShorttAdobe Reader/Acrobat Security Update - http://www.adobe.com/support/security/bulletins/apsb11-06.html
2011-03-14Bojan ZdrnjaAdobe Flash 0-day being used in targeted attacks
2011-03-02Chris MohanUpdates: Firefox 3.6.14/3.5.17, Thunderbird 3.1.8, Adobe Flash v10.2.152.32 & WireShark 1.4.4
2011-02-09Mark HofmanAdobe Patches (shockwave, Flash, Reader & Coldfusion)
2011-01-06Johannes UllrichFlash Local-with-filesystem Sandbox Bypass
2010-11-22Lenny ZeltserAdobe Acrobat Spam Going Strong - More to Come?
2010-11-19Jason LamAdobe Reader X - Sandbox
2010-11-04Johannes UllrichToday's Adobe Patches and Vulnerablities
2010-10-28Manuel Humberto Santander PelaezCVE-2010-3654 - New dangerous 0-day authplay library adobe products vulnerability
2010-10-06Robert DanfordAdobe updates: http://www.adobe.com/support/security/bulletins/apsb10-21.html
2010-09-14Adrien de BeaupreAdobe Flash v10.1.82.76 and earlier vulnerability in-the-wild
2010-09-13Manuel Humberto Santander Pelaez Enhanced Mitigation Experience Toolkit can block Adobe 0-day exploit
2010-09-13Manuel Humberto Santander PelaezAdobe SING table parsing exploit (CVE-2010-2883) in the wild
2010-09-12Manuel Humberto Santander PelaezAdobe Acrobat pushstring Memory Corruption paper
2010-09-08John BambenekAdobe Acrobat/Reader 0-day in Wild, Adobe Issues Advisory
2010-08-25Pedro BuenoAdobe released security update for Shockwave player that fix several CVEs: APSB1020
2010-08-19Rob VandenBrinkDon points us to multiple Adobe updates (Reader and Acrobat 9.3.4 among them) ==> http://www.adobe.com/support/downloads/new.jsp
2010-08-18Guy BruneauAdobe out-of-cycle Updates
2010-08-10Jason LamAdobe critical security updates
2010-08-05Manuel Humberto Santander PelaezAdobe Acrobat Font Parsing Integer Overflow Vulnerability
2010-07-21Adrien de BeaupreAdobe Reader Protected Mode
2010-06-29donald smithAdobe Reader 9.3.3/8.2.3 addressing CVE-2010-1297
2010-06-16Kevin ShorttAdobe Flash Player 10.1 - Security Update Available
2010-06-09Deborah HaleAdobe POC in the Wild
2010-06-09Deborah HaleBest Practice to Prevent PDF Attacks
2010-06-05Guy BruneauSecurity Advisory for Flash Player, Adobe Reader and Acrobat
2010-05-12Rob VandenBrinkAdobe Shockwave Update
2010-04-13Adrien de BeaupreSecurity update available for Adobe Reader and Acrobat
2010-04-09Mark HofmanAdobe launch issue response/work around.
2010-03-31Johannes UllrichPDF Arbitrary Code Execution - vulnerable by design.
2010-02-16Robert DanfordAdobe Updates: http://www.adobe.com/support/security/bulletins/apsb10-07.html http://www.adobe.com/support/security/bulletins/apsb10-06.html
2010-02-12G. N. WhiteAdobe Flash Player 10.0.45.2 and AIR 1.5.3.9130 released to correct vulnerability CVE-2010-0186 Details: http://www.adobe.com/support/security/bulletins/apsb10-06.html
2010-02-02Guy BruneauAdobe ColdFusion Information Disclosure
2010-01-21Chris CarboniSecurity Update Available for Shockwave Player
2010-01-14Bojan ZdrnjaPDF Babushka
2010-01-12Johannes UllrichMicrosoft Advices XP Users to Uninstall Flash Player 6
2010-01-12Johannes UllrichPre-Announced Adobe Reader and Acrobat Patch Found!
2010-01-07Daniel WesemannStatic analysis of malicous PDFs (Part #2)
2010-01-07Daniel WesemannStatic analysis of malicious PDFs
2009-12-15Johannes UllrichAdobe 0-day in the wild - again
2009-12-09Swa FrantzenAdobe flash player and air patched
2009-12-03Mark HofmanNext week will be a big patch week - Adobe is also releasing patches "Adobe is planning to release an update for Adobe Flash Player 10.0.32.18 and earlier versions, and an update to Adobe AIR 1.5.2 and earlier versions, to resolve critical security issues
2009-11-03Bojan ZdrnjaAdobe released Shockwave Player 11.5.2.602 which fixes several critical security vulnerabilities
2009-10-13Daniel WesemannAdobe Reader and Acrobat - Black Tuesday continues
2009-10-08Johannes UllrichNew Adobe Vulnerability Exploited in Targeted Attacks
2009-08-18Deborah HaleSecurity Bulletin for ColdFusion and JRun
2009-07-31Deborah HaleAdobe Patch is out
2009-07-22Bojan ZdrnjaYA0D (Yet Another 0-Day) in Adobe Flash player
2009-06-24Kyle HaugsnessAdobe Shockwave Player Update
2009-06-09Swa FrantzenAdobe June Black Tuesday upgrades
2009-05-24Raul SilesAnalyzing malicious PDF documents
2009-05-22Mark HofmanPatching and Adobe
2009-05-12Swa FrantzenAdobe Acrobat (reader) patches released
2009-05-01Adrien de BeaupreAdobe Flash Media Server privilege escalation security bulletin
2009-04-29Jason LamTwo Adobe 0-day vulnerabilities
2009-04-20Jason LamDigital Content on TV
2009-03-18Adrien de BeaupreAdobe Security Bulletin Adobe Reader and Acrobat
2009-03-10Swa FrantzenAdobe Acrobat 9.1 released
2009-02-25Andre LudwigAdobe Acrobat pdf 0-day exploit, No JavaScript needed!
2009-02-25Andre LudwigAdobe flash player patch
2009-02-25Andre LudwigPreview/Iphone/Linux pdf issues
2008-12-05Daniel WesemannBeen updatin' your Flash player lately?
2008-11-17Jim ClausingCritical update to Adobe AIR
2008-11-11Swa FrantzenAcrobat continued activity in the wild
2008-11-06Joel EslerMore Adobe Updates
2008-10-15Mari NicholsAdobe Flash 10 Released
2008-07-17Mari NicholsAdobe Reader 9 Released
2008-07-11Raul SilesHow to Determine if Adobe Acrobat or Reader 8.1.2 Security Update 1 is Installed?
2008-05-27Adrien de BeaupreAdobe flash player vuln
2008-05-12Scott FendleyAdobe Releases Security Updates
2008-04-09Raul SilesCritical vulnerabilities in Adobe Flash Player
2008-03-20Joel EslerPotential Vulnerability in Flash CS3 Professional, Flash Professional 8 and Flash Basic 8?
2008-03-12Joel EslerAdobe security updates
2006-11-29Toby KohlenbergNew Adobe vulnerability
2006-11-14Jim ClausingMS06-069: Adobe Flash Player
2006-11-14Swa FrantzenAdobe Flash update available
2006-09-12Swa FrantzenAdobe Flash player upgrade time

EXPLOIT

2013-02-21Pedro BuenoNBC site redirecting to Exploit kit
2013-02-17Guy BruneauAdobe Acrobat and Reader Security Update Planned this Week
2013-02-13Swa FrantzenMore adobe reader and acrobat (PDF) trouble
2013-01-05Guy BruneauAdobe ColdFusion Security Advisory
2013-01-04Guy Bruneau"FixIt" Patch for CVE-2012-4792 Bypassed
2012-12-10Johannes UllrichYour CPA License has not been revoked
2012-12-02Guy BruneauZero Day MySQL Buffer Overflow
2012-08-05Daniel WesemannPhishing for Payroll with unpatched Java
2012-07-19Mark BaggettA Heap of Overflows?
2012-06-18Guy BruneauCVE-2012-1875 exploit is now available
2012-05-05Tony CarothersVulnerability Exploit for Snow Leopard
2012-04-26Richard PorterPacketstorm Security and Metasploit have Exploit code for MS12-027
2012-03-11Johannes UllrichAn Analysis of Jester's QR Code Attack. (Guest Diary)
2011-12-08Adrien de BeaupreNewest Adobe Flash 11.1.102.55 and Previous 0 Day Exploit
2011-12-06Pedro BuenoThe RedRet connection...
2011-11-22Pedro BuenoUpdates on ZeroAccess and BlackHole front...
2011-10-13Johannes UllrichCritical OS X Vulnerability Patched
2011-05-06Richard PorterUpdated Exploit Index for Microsoft
2011-03-29Daniel WesemannMalware emails with fake cellphone invoice
2011-03-15Lenny ZeltserLimiting Exploit Capabilities by Using Windows Integrity Levels
2011-03-09Kevin ShorttAVG Anti-Virus 2011 False Positives - Luhe.Exploit.PDF.B
2011-02-16Jason LamWindows 0-day SMB mrxsmb.dll vulnerability
2010-12-27Johannes UllrichVarious sites "Owned and Exposed"
2010-12-13Deborah HaleThe Week to Top All Weeks
2010-12-02Kevin JohnsonProFTPD distribution servers compromised
2010-11-01Manuel Humberto Santander PelaezCVE-2010-3654 exploit in the wild
2010-09-26Daniel WesemannPDF analysis paper
2010-09-14Adrien de BeaupreAdobe Flash v10.1.82.76 and earlier vulnerability in-the-wild
2010-09-13Manuel Humberto Santander Pelaez Enhanced Mitigation Experience Toolkit can block Adobe 0-day exploit
2010-09-13Manuel Humberto Santander PelaezAdobe SING table parsing exploit (CVE-2010-2883) in the wild
2010-09-02Daniel WesemannSDF, please!
2010-08-22Manuel Humberto Santander PelaezAnatomy of a PDF exploit
2010-06-15Manuel Humberto Santander PelaezMicrosoft Windows Help and Support Center vulnerability (CVE 2010-1885) exploit in the wild
2010-06-06Manuel Humberto Santander PelaezNice OS X exploit tutorial
2010-05-23Manuel Humberto Santander PelaezOracle Java SE and Java for Business 'MixerSequencer' Remote Code Execution Vulnerability
2010-04-10Andre LudwigNew bug/exploit for javaws
2010-02-08Adrien de BeaupreWhen is a 0day not a 0day? Fake OpenSSh exploit, again.
2010-01-24Pedro BuenoOutdated client applications
2010-01-19Johannes UllrichUnpatched Microsoft Windows (all versions) Privilege Escalation Vulnerability Released
2010-01-12Adrien de BeauprePoC for CVE-2009-0689 MacOS X 10.5/10.6 vulnerability
2009-12-05Guy BruneauJava JRE Buffer and Integer Overflow
2009-11-16G. N. WhiteReports of a successful exploit of the SSL Renegotiation Vulnerability?
2009-11-14Adrien de BeaupreMicrosoft advisory for Windows 7 / Windows Server 2008 R2 Remote SMB DoS Exploit released
2009-11-12Rob VandenBrinkWindows 7 / Windows Server 2008 Remote SMB Exploit
2009-10-21Pedro BuenoWordPress Hardening
2009-09-16Bojan ZdrnjaSMB2 remote exploit released
2009-08-31Pedro BuenoMicrosoft IIS 5/6 FTP 0Day released
2009-08-18Bojan ZdrnjaMS09-039 exploit in the wild?
2009-07-16Bojan ZdrnjaOWC exploits used in SQL injection attacks
2009-07-15Bojan ZdrnjaMake sure you update that Java
2009-07-13Adrien de Beaupre* Infocon raised to yellow for Excel Web Components ActiveX vulnerability
2009-07-10Guy BruneauWordPress Fixes Multiple vulnerabilities
2009-07-09Bojan ZdrnjaOpenSSH 0day FUD
2009-06-12Adrien de BeaupreGreen Dam
2009-06-08Chris CarboniKloxo (formerly Lxadmin) Vulnerability Exploited
2009-05-06Tom ListonFollow The Bouncing Malware: Gone With the WINS
2009-04-24Pedro BuenoDid you check your conference goodies?
2009-04-14Swa FrantzenVMware exploits - just how bad is it ?
2009-03-19Mark HofmanBrowsers Tumble at CanSecWest
2009-03-18Adrien de BeaupreAdobe Security Bulletin Adobe Reader and Acrobat
2009-02-25Andre LudwigAdobe Acrobat pdf 0-day exploit, No JavaScript needed!
2009-02-25Andre LudwigPreview/Iphone/Linux pdf issues
2008-08-26John BambenekActive attacks using stolen SSH keys (UPDATED)
2008-05-07Jim ClausingMore on automated exploit generation
2008-05-05John BambenekDefenses Against Automated Patch-Based Exploit Generation
2008-04-24Maarten Van HorenbeeckTargeted attacks using malicious PDF files
2008-04-18John BambenekThe Patch Window is Gone: Automated Patch-Based Exploit Generation
2008-04-10Deborah HaleSymantec Threatcon Level 2
2006-11-20Joel EslerMS06-070 Remote Exploit
site/port/ip search:

Announcement!

IPv6 Support Added

Our iptables client now supports submitting IPv6 firewall logs.

Get ISC Swag!!

Advertisement

Security News Feeds

InternetStormCenter
SANS Newsbites
SANS @Risk

Diary Archives

e-netprotections.su ? - by: Daniel Wesemann (2013-05-17)

SSL: Another reason not to ignore IPv6 - by: Johannes Ullrich (2013-05-17)

Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability - by: Joel Esler (2013-05-16)

View Diary Archives

Search Diaries:

SANS Institute

View our Privacy Policy

Contact Us

Phone: (757) SANS-ISC (726-7472) - Voice Mail Only
Web Contact: handlers@isc.sans.edu
Report Bugs: Sourceforge Project
Debug Info: Browser Debug Info

"The experiences gained in the SANS Technology Institute program have helped me advance in IBM, taking a more public facing role."
- Jerome Radcliffe, SANS Technology Institute Student

"SANS is a 'giving back to the community factory.' SANS encourages and fosters growing security awareness and growing the security community."
- Rob VandenBrink, Alumni of SANS Technology Institute