Abstract:
The revised Google Chrome Math.random algorithm (included in version
3.0 of Google Chrome) is predictable. This paper describes how Google
Chrome 3.0 Math.random's internal state can be reconstructed, and how
it can be rolled forward and backward, and how (in Windows) the exact
seeding time can be extracted. This in turn leads to various attacks
(e.g. "in-session phishing") as described in an earlier paper (http://www.trusteer.com/files/Temporary_User_Tracki
... Read more »
BLUE MOON SECURITY ADVISORY 2009-06
==============================
=====
:Title: Remote code execution in BKAV eOffice
:Severity: Critical
:Reporter: Blue Moon Consulting
:Products: eOffice v5.1.5
:Fixed in: --
Description
-----------
We could not find out the definitive description for eOffice in
English. This is our own understanding of the application: eOffice is
an IMAP email client.
We have discovered a remote code execution vulnerability in eOffice.
The attacker could force an unknowning user to execute arbitrary code.
To exploit this bug, an attacker only needs to send a specially-crafted
email to his target's address. When the victim clicks on the email,
malicious code will run immediately. From there, the attacker might
take full control of the machine, or simply cause a Denial of Service.
This vulnerability exists in versions up to 5.1.5. Newer version might also be a
... Read more »