Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
In computer security and programming, a buffer overflow, or buffer overrun, is an anomaly where a program, while writing data to a buffer, overruns the buffer's boundary and overwrites adjacent memory. This is a special case of violation of memory safety. | M c E H Certified Ethical Hocker Ethical Hacking and Countermeasures Version 6 Module XXIV Buffer Overflows IM c E H News Certified Ethical Hacker February 4 2008 10 51 AM PST Facebook MySpace image uploaders vulnerable to attack Posted by Robert Vamosi Updated at 3 37 p.m. PST With statement from MySpace and Facebook. Within the last week researcher Elazar Broad has disclosed two ActiveX vulnerabilities in the tools that MySpace.com and Facebook users use to upload images to their sites. On Sunday Broad disclosed a buffer overflow vulnerability within the Facebook image upload control. Last week Broad disclosed a similar buffer overflow flaw within MySpaceAurigma s ImageUploader ActiveX the MySpace vulnerability also affects Facebook users. Facebook and MySpace use controls repackaged from Aurigma Imaging Technology. Vulnerable to the recent attack scenario are FaceBook PhotoUploader 4.5.57.0 Aurigma lmageUploader4 4.6.17.0 Aurigma lmageUploader4 4.5.70.0 Aurigma lmageUploader4 4.5.126.0 and Aurigma ImageUploaderS 5.0.10.0. The MySpace attack outlined last week could allow specially crafted Web pages to crash Windows systems. The Facebook attack announced Sunday could allow for denial-of-service attacks or for malicious code to run on compromised PCs. An exploit exists for the MySpace attack. An exploit for the Facebook attack is expected to be posted on the Internet shortly. Recent versions of Facebook PhotoUploader 4.5.57.1 are not vulnerable. Also for the MySpace vulnerability Aurigma Imaging Technology recommends upgrading to the latest 4.x and 5.x Source http www.news.com releases. Copyright by Ec-Council EC-Council All Rights Reserved. Reproduction is Strictly Prohibited IM c EH Scenario Certified Ethical Hacker It was a job that Tim wanted right from the start of his career. Being a Project Manager at a well-known software firm was definitely a sign of prestige. But now his credibility was at stake. The last project that Tim handled failed to deliver .