SecPod Labs
Security Research
In-depth CVE write-ups, vulnerability analysis, and security intelligence from the SecPod Research team.
CVE Research
CVE-2013-7260: RealNetworks RealPlayer Stack-Based Buffer Overflow
RealPlayer is vulnerable to multiple stack-based buffer overflow vulnerabilities (CVE-2013-7260). This flaw allows attackers to execute arbitrary code and take complete control of the system remotely. Affected versions of RealPlayer are before 17.0.4.61 on Windows systems. This flaw can be mitigated...
CVE Research
Exploit Kits: Cybercriminal’s ultimate weapon
Exploit kits are automated malicious software programs which target client-side application vulnerabilities like Web Browsers, Add-ons, Adobe Flash Player, Adobe Reader, Java Runtime Environment, etc. Therefore, Vulnerability Management Software can help you prevent these.
CVE Research
Hunting the Egg: Egg Hunter
A bit of a background on buffer overflow to begin with. A buffer overflow occurs when a program tries to write more data into a buffer than it can. This makes it overrun and writes data in an unallocated memory location. If we carefully craft the data, we can control the flow of execution and then d...
CVE Research
Advanced Power Botnet: Innovative Approach to find Security Vulnerabilities
A new kind of botnet in cyber security has been uncovered which takes an innovative approach to find security vulnerabilities in the website using systems installed with illegitimate Mozilla Firefox add-on. An investigation by KrebsOnSecurity has revealed. Using a vulnerability management solution.
CVE Research
Introduction to IDA Pro
IDA Pro is primarily a multi-platform, multi-processor disassembler that translates machine executable code into assembly language source code for the purpose of debugging and reverse engineering. On various platforms, people are using it as a local or as a remote debugger. The development of Plug-...