Almost every Patch Tuesday cycle includes one cumulative bulletin that, for convenience, rolls up multiple Internet Explorer vulnerabilities. February’s cumulative IE bulletin (MS15-009) included a fix for a particularly interesting vulnerability that could be used to bypass one of the key anti-exploit technologies in use today, address space layout randomization (ASLR).
This vulnerability was designated CVE-2015-0071. To be used in an attack, this vulnerability must be combined with another one that is capable of actually running code on the affected machines. In attacks seen by iSIGHT, this has been paired with an Adobe Flash vulnerability (CVE-2014-9163), which was fixed in December.
This vulnerability was found in the jscript9.dll module. To analyze this vulnerability, I examined this file (version 9.0.8112.1645) on a Windows 7, 32-bit system here... http://blog.trendmicro.com/trendlabs-security-intelligence/bypassing-aslr-with-cve-2015-0071-an-out-of-bounds-read-vulnerability/