The last couple of days there has been a big buzz regarding an IE 0-day being exploited in the wild. The exploit was caught by FireEye. The FireEye blog stated that a Flash bug has been used to bypass ASLR. This caught our attention here in the ZDI, and made us wonder if we can actually bypass ASLR and DEP using the same IE bug without the Flash one.
read more....http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Double-Dip-Using-the-latest-IE-0-day-to-get-RCE-and-an-ASLR/ba-p/6466280#.U2kjA_ldWSp
read more....http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/Double-Dip-Using-the-latest-IE-0-day-to-get-RCE-and-an-ASLR/ba-p/6466280#.U2kjA_ldWSp