Google Project Zero details from 2014 to mid 2020

This article contains the details of Google Project Zero from 2014 to mid-2020, which Google made public earlier this week.

The spreadsheet is used to track cases of zero-day exploits that were detected “in the wild” by the Google Project Zero team. This means the vulnerability was detected in real attacks against users as a zero-day vulnerability (i.e. not known to the public or the vendor at the time of detection). The data is collected by Google from a range of public sources. Google includes relevant links to third-party analysis and attribution, but only for information; their inclusion does not mean Google endorses or validates the content there.

The complete list of zero-days found by Google Project Zero



    • CVE-2020-12271

    • Sophos

    • XG Firewall

    • Logic/Design Flaw

    • SQL injection in admin interface/user portal

    • 2020-04-22

    • 2020-04-25

    • https://community.sophos.com/kb/en-us/135412

    • https://news.sophos.com/en-us/2020/04/26/asnarok/

    • CVE-2020-1027

    • Microsoft

    • Windows

    • Memory Corruption

    • Unspecified memory corruption in Windows Kernel

    • 2020-03-23

    • 2020-04-14

    • https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1027

    • Google Project Zero & Google’s Threat Analysis Group

    • CVE-2020-1020

    • Microsoft

    • Windows

    • Memory Corruption

    • Unspecified memory corruption in Adobe Type 1 PostScript format

    • 2020-04-14

    • https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-1020

    • Google Project Zero & Google’s Threat Analysis Group

    • CVE-2020-0938

    • Microsoft

    • Windows

    • Memory Corruption

    • Unspecified memory corruption in Adobe Type 1 PostScript format

    • 2020-04-14

    • https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2020-0938

    • Liubenjin and Zhiyi Zhang from Codesafe Team of Legendsec at Qi’anxin Group

    • CVE-2020-6820

    • Mozilla

    • Firefox

    • Memory Corruption

    • Use-after-free when handling a ReadableStream

    • 2020-04-03

    • https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/

    • Francisco Alonso @revskills working with Javier Marcos of @JMPSec

    • CVE-2020-6819

    • Mozilla

    • Firefox

    • Memory Corruption

    • Use-after-free while running the nsDocShell destructor

    • 2020-04-03

    • https://www.mozilla.org/en-US/security/advisories/mfsa2020-11/

    • Francisco Alonso @revskills working with Javier Marcos of @JMPSec

    • CVE-2020-8468

    • TrendMicro

    • Apex One/OfficeScan

    • Logic/Design Flaw

    • Content validation escape in agent client component

    • 2020-03-16

    • https://success.trendmicro.com/solution/000245571

    • Trend Micro Research

    • CVE-2020-8467

    • TrendMicro

    • Apex One/OfficeScan

    • Unspecified

    • Unspecified vulnerability in a migration tool component

    • 2020-03-16

    • https://success.trendmicro.com/solution/000245571

    • Trend Micro Research

    • CVE-2020-6418

    • Google

    • Chrome

    • Memory Corruption

    • Type confusion in v8

    • 2020-02-24

    • https://chromereleases.googleblog.com/2020/02/stable-channel-update-for-desktop_24.html

    • Clement Lecigne of Google’s Threat Analysis Group

    • CVE-2020-0674

    • Microsoft

    • Internet Explorer

    • Memory Corruption

    • Unspecified memory corruption in Internet Explorer

    • 2020-02-11

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0674

    • https://blogs.360.cn/post/apt-c-06_0day.html

    • Dark Hotel

    • https://blogs.360.cn/post/apt-c-06_0day.html

    • Yi Huang(@C0rk1_H) & Kang Yang(@dnpushme) of Qihoo 360 ATA, Clément Lecigne of Google’s Threat Analysis Group

    • CVE-2019-17026

    • Mozilla

    • Firefox

    • Memory Corruption

    • Type confusion in IonMonkey JIT compiler

    • 2020-01-08

    • https://www.mozilla.org/en-US/security/advisories/mfsa2020-03/

    • Dark Hotel

    • https://blogs.360.cn/post/apt-c-06_0day.html

    • Qihoo 360 ATA

    • CVE-2019-1458

    • Microsoft

    • Windows

    • Memory Corruption

    • Memory corruption in window switching

    • 2019-12-10

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1458

    • https://securelist.com/windows-0-day-exploit-cve-2019-1458-used-in-operation-wizardopium/95432/

    • WizardOpium

    • https://securelist.com/windows-0-day-exploit-cve-2019-1458-used-in-operation-wizardopium/95432/

    • Anton Ivanov and Alexey Kulaev of Kaspersky Lab

    • CVE-2019-1429

    • Microsoft

    • Internet Explorer

    • Memory Corruption

    • Unspecified memory corruption in Internet Explorer

    • 2019-11-12

    • https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1429

    • Clément Lecigne of Google’s Threat Analysis Group & Ivan Fratric of Google Project Zero

    • CVE-2019-13720

    • Google

    • Chrome

    • Memory Corruption

    • Use-after-free in audio

    • 2019-10-31

    • https://chromereleases.googleblog.com/2019/10/stable-channel-update-for-desktop_31.html

    • https://securelist.com/chrome-0-day-exploit-cve-2019-13720-used-in-operation-wizardopium/94866/

    • WizardOpium

    • https://securelist.com/chrome-0-day-exploit-cve-2019-13720-used-in-operation-wizardopium/94866/

    • Anton Ivanov and Alexey Kulaev of Kaspersky Lab

    • CVE-2019-18187

    • Trend Micro

    • OfficeScan

    • Logic/Design Flaw

    • Directory traversal in ZIP file extraction

    • 2019-10-28

    • https://success.trendmicro.com/solution/000151730

    • Tick

    • https://www.zdnet.com/article/trend-micro-antivirus-zero-day-used-in-mitsubishi-electric-hack/

    • Trend Micro Research

    • CVE-2019-2215

    • Google

    • Android

    • Memory Corruption

    • Use-after-free in Binder

    • 2019-09-26

    • 2019-10-06

    • https://source.android.com/security/bulletin/2019-10-01.html#kernel-b

    • https://bugs.chromium.org/p/project-zero/issues/detail?id=1942

    • NSO Group

    • https://bugs.chromium.org/p/project-zero/issues/detail?id=1942#c7

    • Maddie Stone of Google Project Zero

    • CVE-2019-1367

    • Microsoft

    • Internet Explorer

    • Memory Corruption

    • Unspecified memory corruption in Internet Explorer

    • 2019-09-23

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1367

    • Dark Hotel

    • https://twitter.com/craiu/status/1176525773869649921

    • Clément Lecigne of Google’s Threat Analysis Group

    • CVE-2019-1132

    • Microsoft

    • Windows

    • Memory Corruption

    • Unspecified memory corruption in win32k

    • 2019-07-09

    • https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-1132

    • https://www.welivesecurity.com/2019/07/10/windows-zero-day-cve-2019-1132-exploit/

    • Anton Cherepanov, Senior Malware Researcher of ESET

    • CVE-2019-0880

    • Microsoft

    • Windows

    • Logic/Design Flaw

    • Sandbox escape in splwow64.exe

    • 2019-07-09

    • https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0880

    • Gene Yoo of Resecurity, Inc.

    • CVE-2019-11708

    • Mozilla

    • Firefox

    • Logic/Design Flaw

    • Sandbox escape in Prompt:Open

    • 2019-06-20

    • https://www.mozilla.org/en-US/security/advisories/mfsa2019-19/

    • Coinbase Security

    • CVE-2019-11707

    • Mozilla

    • Firefox

    • Memory Corruption

    • Type confusion in Array.pop

    • 2019-06-18

    • https://www.mozilla.org/en-US/security/advisories/mfsa2019-18/

    • Samuel Groß of Google Project Zero, Coinbase Security

    • CVE-2019-3568

    • Facebook

    • WhatsApp

    • Memory Corruption

    • Buffer overflow in SRTCP packets

    • 2019-05-13

    • https://www.facebook.com/security/advisories/cve-2019-3568

    • https://research.checkpoint.com/the-nso-whatsapp-vulnerability-this-is-how-it-happened/

    • NSO Group

    • https://www.ft.com/content/4da1117e-756c-11e9-be7d-6d846537acab

    • CVE-2019-0803

    • Microsoft

    • Windows

    • Memory Corruption

    • Unspecified memory corruption in win32k

    • 2019-04-09

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0803

    • Vasily Berdnikov & Boris Larin of Kaspersky Lab

    • CVE-2019-0859

    • Microsoft

    • Windows

    • Memory Corruption

    • Use-after-free in CreateWindowEx

    • 2019-03-17

    • 2019-04-09

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0859

    • https://securelist.com/new-win32k-zero-day-cve-2019-0859/90435/

    • Donghai Zhu of Alibaba Cloud Intelligence Security Team

    • CVE-2019-0703

    • Microsoft

    • Windows

    • Information Leak

    • Unspecified information leak vulnerability in SMB

    • 2019-03-12

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0703

    • APT3/Buckeye

    • https://www.symantec.com/blogs/threat-intelligence/buckeye-windows-zero-day-exploit

    • Piotr Krysiuk of Symantec & Andrew Burkhardt of MSRC Vulnerabilities & Mitigations Team

    • CVE-2019-0808

    • Microsoft

    • Windows

    • Memory Corruption

    • NULL pointer dereference in win32k!xxxMNFindWindowFromPoint

    • 2019-03-12

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0808

    • https://blog.360totalsecurity.com/en/analysis-of-the-causes-of-cve-2019-0808-core-elevation-permission-vulnerability/

    • Vasily Berdnikov & Boris Larin of Kaspersky Lab

    • CVE-2019-0797

    • Microsoft

    • Windows

    • Memory Corruption

    • Race condition in NtDCompositionDestroyConnection

    • 2019-02-22

    • 2019-03-12

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0797

    • https://securelist.com/cve-2019-0797-zero-day-vulnerability/89885/

    • FruityArmor/Stealth Falcon, and Sandcat

    • https://securelist.com/cve-2019-0797-zero-day-vulnerability/89885/

    • Clément Lecigne of Google’s Threat Analysis Group

    • CVE-2019-5786

    • Google

    • Chrome

    • Memory Corruption

    • Use-after-free in FileReader

    • 2019-03-01

    • https://chromereleases.googleblog.com/2019/03/stable-channel-update-for-desktop.html

    • https://blog.exodusintel.com/2019/03/20/cve-2019-5786-analysis-and-exploitation/

    • Clement Lecigne of Google’s Threat Analysis Group

    • CVE-2019-0676

    • Microsoft

    • Internet Explorer

    • Information Leak

    • Unspecified information leak vulnerability

    • 2019-02-12

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0676

    • Clement Lecigne of Google’s Threat Analysis Group

    • CVE-2019-7286

    • Apple

    • iOS

    • Memory Corruption

    • Use-after-free in CFPrefsDaemon

    • 2019-02-07

    • https://support.apple.com/en-us/HT209520

    • https://blog.zecops.com/vulnerabilities/analysis-and-reproduction-of-cve-2019-7286/

    • Clement Lecigne of Google Threat Analysis Group, Ian Beer & Samuel Groß of Google Project Zero, & an anonymous researcher

    • CVE-2019-7287

    • Apple

    • iOS

    • Memory Corruption

    • Buffer overflow in ProvInfoIOKitUserClient

    • 2019-02-07

    • https://support.apple.com/en-us/HT209520

    • https://www.antid0te.com/blog/19-02-23-ios-kernel-cve-2019-7287-memory-corruption-vulnerability.html

    • Clement Lecigne of Google Threat Analysis Group, Ian Beer & Samuel Groß of Google Project Zero, & an anonymous researcher

    • CVE-2018-8653

    • Microsoft

    • Internet Explorer

    • Memory Corruption

    • Use-after-free in Enumerator

    • 2018-12-19

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8653

    • https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/ie-scripting-flaw-still-a-threat-to-unpatched-systems-analyzing-cve-2018-8653/

    • Clement Lecigne of Google’s Threat Analysis Group

    • CVE-2018-8611

    • Microsoft

    • Windows

    • Memory Corruption

    • Race condition in kernel transaction manager

    • 2018-10-29

    • 2018-12-11

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8611

    • https://securelist.com/zero-day-in-windows-kernel-transaction-manager-cve-2018-8611/89253/

    • FruityArmor/Stealth Falcon, and Sandcat

    • https://securelist.com/zero-day-in-windows-kernel-transaction-manager-cve-2018-8611/89253/

    • Boris Larin (Oct0xor) & Igor Soumenkov (2igosha) of Kaspersky Lab

    • CVE-2018-15982

    • Adobe

    • Flash

    • Memory Corruption

    • Use-after-free in TVSDK Metadata

    • 2018-11-29

    • 2018-12-05

    • https://helpx.adobe.com/security/products/flash-player/apsb18-42.html?red=a

    • http://blogs.360.cn/post/PoisonNeedles_CVE-2018-15982_EN

    • Chenming Xu and Ed Miles of Gigamon ATR, Yang Kang (@dnpushme) and Jinquan (@jq0904) of Qihoo 360 Core Security (@360CoreSec), He Zhiqiu, Qu Yifan, Bai Haowen, Zeng Haitao and Gu Liang of 360 Threat Intelligence of 360 Enterprise Security Group, b2ahex

    • CVE-2018-8589

    • Microsoft

    • Windows

    • Memory Corruption

    • Race condition in win32k!xxxMoveWindow

    • 2018-10-17

    • 2018-11-13

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8589

    • https://securelist.com/a-new-exploit-for-zero-day-vulnerability-cve-2018-8589/88845/

    • FruityArmor/Stealth Falcon, and Sandcat

    • https://securelist.com/zero-day-in-windows-kernel-transaction-manager-cve-2018-8611/89253/

    • Boris Larin (Oct0xor) & Igor Soumenkov (2igosha) of Kaspersky Lab

    • CVE-2018-8453

    • Microsoft

    • Windows

    • Memory Corruption

    • Use-after-free in win32kfull!xxxDestroyWindow

    • 2018-08-17

    • 2018-10-09

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8453

    • https://securelist.com/cve-2018-8453-used-in-targeted-attacks/88151/

    • FruityArmor/Stealth Falcon

    • https://securelist.com/cve-2018-8453-used-in-targeted-attacks/88151/

    • Kaspersky Lab

    • CVE-2018-8373

    • Microsoft

    • VBScript

    • Memory Corruption

    • Use-after-free in VBScript AssignVar

    • 2018-07-11

    • 2018-08-14

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8373

    • https://blog.trendmicro.com/trendlabs-security-intelligence/use-after-free-uaf-vulnerability-cve-2018-8373-in-vbscript-engine-affects-internet-explorer-to-run-shellcode/

    • Elliot Cao of Trend Micro Security Research working with Trend Micro’s Zero Day Initiative (ZDI)

    • CVE-2018-5002

    • Adobe

    • Flash

    • Memory Corruption

    • Out-of-bounds read/write in AVM li8 opcode

    • 2018-06-07

    • https://helpx.adobe.com/security/products/flash-player/apsb18-19.html

    • https://s.tencent.com/research/report/489.html

    • FruityArmor/Stealth Falcon

    • https://twitter.com/craiu/status/1038046509793722368

    • Chenming Xu and Jason Jones of ICEBRG, Bai Haowen, Zeng Haitao and Huang Chaowen of 360 Threat Intelligence Center of 360 Enterprise Security Group, and Yang Kang, Hu Jiang, Zhang Qing, and Jin Quan of Qihoo 360 Core Security (@360CoreSec), Tencent PC Manager (http://guanjia.qq.com/)

    • CVE-2018-4990

    • Adobe

    • Reader

    • Memory Corruption

    • Out-of-bounds free in JPEG2000 CMAP

    • 2018-05-14

    • https://helpx.adobe.com/security/products/acrobat/apsb18-09.html

    • https://srcincite.io/blog/2018/05/21/adobe-me-and-a-double-free.html

    • Anton Cherepanov of ESET & Matt Oh of Microsoft, Ke Liu of Tencent’s Xuanwu LAB working via Trend Micro’s Zero Day Initiative

    • CVE-2018-8120

    • Microsoft

    • Windows

    • Memory Corruption

    • NULL pointer dereference in NtUserSetImeInfoEx

    • 2018-05-08

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8120

    • https://www.welivesecurity.com/2018/05/15/tale-two-zero-days/

    • Dan Lutas of Bitdefender, Ding Maoyin of Qihoo 360 Core Security, Anton Ivanov of Kaspersky Lab, Song Shenlei of Qihoo 360 Core Security, Anonymous working with Trend Micro’s Zero Day Initiative, Simon Zuckerbraun working with Trend Micro’s Zero Day Initiative, Yang Kang of Qihoo 360 Core Security, Jinquan of Qihoo 360 Core Security, Vladislav Stolyarov of Kaspersky Lab

    • CVE-2018-8174

    • Microsoft

    • VBScript

    • Memory Corruption

    • Use-after-free in VBScriptClass::Release

    • 2018-05-08

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8174

    • https://securelist.com/root-cause-analysis-of-cve-2018-8174/85486/

    • Anton Cherepanov, Senior Malware Researcher of ESET

    • CVE-2018-4878

    • Adobe

    • Flash

    • Memory Corruption

    • Use-after-free in MediaPlayer DRM Listener

    • 2018-02-06

    • https://helpx.adobe.com/security/products/flash-player/apsb18-03.html

    • http://blog.morphisec.com/cve-2018-4878-an-analysis-of-the-flash-player-hack

    • ScarCruft/APT37/Reaper

    • https://www.fireeye.com/blog/threat-research/2018/02/attacks-leveraging-adobe-zero-day.html

    • KrCERT/CC

    • CVE-2018-0802

    • Microsoft

    • Office

    • Memory Corruption

    • Buffer overflow in equation editor lfFaceName

    • 2018-01-09

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0802

    • https://www.freebuf.com/vuls/159789.html

    • Liang Yin of Tencent PC Manager, Zhiyuan Zheng, Yuki Chen of Qihoo 360 Vulcan Team, Yang Kang, Ding Maoyin and Song Shenlei, and Jinquan of Qihoo 360 Core Security (@360CoreSec), Luka Treiber of 0patch Team – ACROS Security, zhouat of Qihoo 360 Vulcan Team, bee13oy of Qihoo 360 Vulcan Team, Netanel Ben Simon and Omer Gull of Check Point Software Technologies

    • CVE-2017-11292

    • Adobe

    • Flash

    • Memory Corruption

    • Type confusion in TVSDK BufferControlParameters

    • 2017-10-10

    • 2017-10-16

    • https://helpx.adobe.com/security/products/flash-player/apsb17-32.html

    • https://securelist.com/blackoasis-apt-and-new-targeted-attacks-leveraging-zero-day-exploit/82732/

    • BlackOasis

    • https://securelist.com/blackoasis-apt-and-new-targeted-attacks-leveraging-zero-day-exploit/82732/

    • Anton Ivanov of Kaspersky Labs

    • CVE-2017-11826

    • Microsoft

    • Office

    • Memory Corruption

    • Memory corruption in Open XML format nested tags

    • 2017-09-28

    • 2017-10-10

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11826

    • https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/analyzing-microsoft-office-zero-day-exploit-cve-2017-11826-memory-corruption-vulnerability/

    • Yang Kang, Ding Maoyin and Song Shenlei of Qihoo 360 Core Security (@360CoreSec)

    • CVE-2017-8759

    • Microsoft

    • Office

    • Logic/Design Flaw

    • Code injection in SOAP WSDL parser

    • 2017-09-12

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8759

    • https://www.fireeye.com/blog/threat-research/2017/09/zero-day-used-to-distribute-finspy.html

    • BlackOasis

    • https://securelist.com/blackoasis-apt-and-new-targeted-attacks-leveraging-zero-day-exploit/82732/

    • Genwei Jiang and Dhanesh Kizhakkinan of FireEye, Inc.

    • CVE-2017-8464

    • Microsoft

    • Windows

    • Logic/Design Flaw

    • Code injection in LNK file ExtraData parsing

    • 2017-06-13

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8464

    • http://www.vxjump.net/files/vuln_analysis/cve-2017-8464.txt

    • CVE-2017-8543

    • Microsoft

    • Windows

    • Memory Corruption

    • Buffer overflow in Windows Search CTableVariant

    • 2017-06-13

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8543

    • https://mp.weixin.qq.com/s/X2JcKCpCH4exDoxMK5oN5Q

    • CVE-2017-0261

    • Microsoft

    • Office

    • Memory Corruption

    • Use-after-free in EPS restore operator

    • 2017-05-09

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0261

    • https://www.fireeye.com/blog/threat-research/2017/05/eps-processing-zero-days.html

    • Turla

    • https://www.fireeye.com/blog/threat-research/2017/05/eps-processing-zero-days.html

    • CVE-2017-0262

    • Microsoft

    • Office

    • Memory Corruption

    • Type Confusion in EPS forall operator

    • 2017-05-09

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0262

    • https://www.fireeye.com/blog/threat-research/2017/05/eps-processing-zero-days.html

    • APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team

    • https://www.fireeye.com/blog/threat-research/2017/05/eps-processing-zero-days.html

    • Mikhail Tsvetkov of Positive Technologies, Dhanesh Kizhakkinan of FireEye Inc, Thomas Dupuy and Jessy Campos of ESET

    • CVE-2017-0263

    • Microsoft

    • Windows

    • Memory Corruption

    • Use-after-free in win32k!xxxDestroyWindow

    • 2017-05-09

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0263

    • https://www.fireeye.com/blog/threat-research/2017/05/eps-processing-zero-days.html

    • APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team

    • https://www.fireeye.com/blog/threat-research/2017/05/eps-processing-zero-days.html

    • Thomas Dupuy and Jessy Campos of ESET, Genwei Jiang of FireEye, Inc.

    • CVE-2017-0222

    • Microsoft

    • Internet Explorer

    • Memory Corruption

    • Unspecified memory corruption in Internet Explorer

    • 2017-05-09

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0222

    • Genwei Jiang of FireEye, Inc., Steven Hunter of MSRC Vulnerabilities & Mitigations

    • CVE-2017-8291

    • Ghostscript

    • Ghostscript

    • Memory Corruption

    • Type confusion in rsdparams internal operator

    • 2017-04-27

    • https://bugs.ghostscript.com/show_bug.cgi?id=697799

    • https://git.ghostscript.com/?p=ghostpdl.git;a=commitdiff;h=04b37bbce1

    • https://web.archive.org/web/20170618201817/https://blog.hipchat.com/2017/04/24/hipchat-security-notice/

    • CVE-2017-0210

    • Microsoft

    • Internet Explorer

    • UXSS

    • UXSS in htmlFile ActiveX control

    • 2017-04-11

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0210

    • https://blog.talosintelligence.com/2017/04/ms-tuesday.html

    • Ryan Hanson (@Ryhanson) of Optiv, Microsoft MSRC Vulnerabilities and Mitigations Team, Microsoft Office Security Team, Genwei Jiang, FLARE Team, FireEye Inc, Eduardo Braun Prado of SecuriTeam Secure Disclosure (SSD)

    • CVE-2017-0199

    • Microsoft

    • Office

    • Logic/Design Flaw

    • Logic/design flaw in embedded HTA documents

    • 2017-04-11

    • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-0199

    • https://www.fireeye.com/blog/threat-research/2017/04/cve-2017-0199-hta-handler.html

    • (FINSPY/LatentBot)

    • https://www.fireeye.com/blog/threat-research/2017/04/cve-2017-0199_useda.html

    • CVE-2017-1274

    • IBM

    • Domino

    • Memory Corruption

    • Buffer overflow in IMAP EXAMINE (EmphasisMine)

    • 2017-03-20

    • http://www-01.ibm.com/support/docview.wss?uid=swg22002280

    • Equation Group

    • https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation

    • CVE-2017-3881

    • Cisco

    • IOS

    • Memory Corruption

    • Buffer overflow in IOS Cluster Management Protocol

    • 2017-03-17

    • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170317-cmp

    • https://artkond.com/2017/04/10/cisco-catalyst-remote-code-execution/

    • Vault 7

    • https://blogs.cisco.com/security/the-wikileaks-vault-7-leak-what-we-know-so-far

    • Vault 7 Disclosure

    • CVE-2017-0149

    • Microsoft

    • Internet Explorer

    • Memory Corruption

    • Memory corruption in VBScript rtJoin

    • 2017-03-14

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-006

    • https://twitter.com/jq0904/status/1062168435818283008

    • CVE-2017-0022

    • Microsoft

    • XML Core Services

    • Information Leak

    • Information leak in MSXML version resource

    • 2017-03-14

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-022

    • https://blog.trendmicro.com/trendlabs-security-intelligence/cve-2017-0022-microsoft-patches-vulnerability-exploited-adgholas-neutrino/

    • AdGholas/Neutrino

    • CVE-2017-0005

    • Microsoft

    • Windows

    • Memory Corruption

    • Unspecified memory corruption in GDI

    • 2017-03-14

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-013

    • https://cloudblogs.microsoft.com/microsoftsecure/2017/03/27/detecting-and-mitigating-elevation-of-privilege-exploit-for-cve-2017-0005/

    • ZIRCONIUM/APT31

    • https://cloudblogs.microsoft.com/microsoftsecure/2017/03/27/detecting-and-mitigating-elevation-of-privilege-exploit-for-cve-2017-0005/

    • CVE-2017-0143

    • Microsoft

    • Windows

    • Memory Corruption

    • Type confusion in SMB messages (EternalSynergy)

    • 2017-03-14

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010

    • https://blogs.technet.microsoft.com/srd/2017/07/13/eternal-synergy-exploit-analysis/

    • Equation Group

    • https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation

    • CVE-2017-0144

    • Microsoft

    • Windows

    • Memory Corruption

    • Buffer overflow in SMB File Extended Attributes (EternalBlue)

    • 2017-03-14

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010

    • https://research.checkpoint.com/eternalblue-everything-know/

    • Equation Group

    • https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation

    • CVE-2017-0145

    • Microsoft

    • Windows

    • Memory Corruption

    • Unspecified type confusion in SMB (EternalRomance)

    • 2017-03-14

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010

    • https://www.microsoft.com/security/blog/2017/06/16/analysis-of-the-shadow-brokers-release-and-mitigation-with-windows-10-virtualization-based-security/

    • Equation Group

    • https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation

    • Lockheed Martin Computer Incident Response Team

    • CVE-2017-0146

    • Microsoft

    • Windows

    • Memory Corruption

    • Race condition in SMB transactions (EternalChampion)

    • 2017-03-14

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010

    • https://blogs.technet.microsoft.com/srd/2017/06/29/eternal-champion-exploit-analysis/

    • Equation Group

    • https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation

    • Will Matcalf of Proofpoint, Kafeine of Proofpoint, Joseph C Chen of Trend Micro, Brooks Li of Trend Micro

    • CVE-2017-0147

    • Microsoft

    • Windows

    • Information Leak

    • Information leak in SMB transactions (EternalChampion)

    • 2017-03-14

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2017/ms17-010

    • https://blogs.technet.microsoft.com/srd/2017/06/29/eternal-champion-exploit-analysis/

    • Equation Group

    • https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation

    • CVE-2016-7892

    • Adobe

    • Flash

    • Memory Corruption

    • Unspecified use-after-free issue

    • 2016-12-13

    • https://helpx.adobe.com/security/products/flash-player/apsb16-39.html

    • Anonymous researcher working with JPCERT/CA

    • CVE-2016-9079

    • Mozilla

    • Firefox

    • Memory Corruption

    • Use-after-free in SVG Animation (Tor exploit)

    • 2016-11-29

    • 2016-11-30

    • https://www.mozilla.org/en-US/security/advisories/mfsa2016-92/

    • https://bugzilla.mozilla.org/show_bug.cgi?id=1321066

    • Exodus Intel

    • https://www.forbes.com/sites/thomasbrewster/2016/12/02/exodus-intel-the-company-that-exposed-tor-for-cops-child-porn-bust/

    • Obscured Team

    • CVE-2016-7256

    • Microsoft

    • Windows

    • Memory Corruption

    • Memory corruption on OpenType fonts CFF name index

    • 2016-11-08

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-132

    • https://asec.ahnlab.com/1050

    • https://www.microsoft.com/security/blog/2017/01/13/hardening-windows-10-with-zero-day-exploit-mitigations/

    • Feike Hacquebord, Peter Pi, and Brooks Li of Trend Micro, Neel Mehta and Billy Leonard of Google’s Threat Analysis Group

    • CVE-2016-7255

    • Microsoft

    • Windows Kernel

    • Memory Corruption

    • Memory corruption in NtUserSetWindowLongPtr

    • 2016-10-21

    • 2016-11-08

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-135

    • https://blog.trendmicro.com/trendlabs-security-intelligence/one-bit-rule-system-analyzing-cve-2016-7255-exploit-wild/

    • APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team

    • https://blog.trendmicro.com/trendlabs-security-intelligence/pawn-storm-ramps-up-spear-phishing-before-zero-days-get-patched/

    • Kijong Son of KrCERT/CC in Korean Internet & Security Agency (KISA)

    • CVE-2016-7855

    • Adobe

    • Flash

    • Memory Corruption

    • Unspecified use-after-free issue

    • 2016-10-21

    • 2016-10-26

    • https://helpx.adobe.com/security/products/flash-player/apsb16-36.html

    • https://security.googleblog.com/2016/10/disclosing-vulnerabilities-to-protect.html

    • APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team

    • https://blog.trendmicro.com/trendlabs-security-intelligence/pawn-storm-ramps-up-spear-phishing-before-zero-days-get-patched/

    • Neel Mehta and Billy Leonard from Google’s Threat Analysis Group

    • CVE-2016-5195

    • Linux

    • Kernel

    • Memory Corruption

    • Race condition in copy-on-write (DirtyCOW)

    • 2016-10-18

    • https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails

    • Phil Oester

    • CVE-2016-3298

    • Microsoft

    • Internet Explorer

    • Information Leak

    • Information leak in Microsoft.XMLDOM

    • 2016-10-11

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-118

    • https://blog.trendmicro.com/trendlabs-security-intelligence/cve-2016-3298-microsoft-fixes-another-ie-zero-day-used-in-adgholas/

    • AdGholas/Neutrino

    • https://www.proofpoint.com/us/threat-insight/post/microsoft-patches-CVE-2016-3298-second-information-disclosure-zero-day

    • CVE-2016-3393

    • Microsoft

    • Windows

    • Memory Corruption

    • Memory corruption in TTF cjComputeGLYPHSET_MSFT_GENERAL

    • 2016-10-11

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-120

    • https://securelist.com/windows-zero-day-exploit-used-in-targeted-attacks-by-fruityarmor-apt/76396/

    • FruityArmor/Stealth Falcon

    • https://securelist.com/windows-zero-day-exploit-used-in-targeted-attacks-by-fruityarmor-apt/76396/

    • CVE-2016-7193

    • Microsoft

    • Office

    • Memory Corruption

    • Memory corruption in dfrxst

    • 2016-10-11

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-121

    • https://paper.seebug.org/288/

    • CVE-2016-3351

    • Microsoft

    • Internet Explorer

    • Information Leak

    • Information leak in a.mimeType

    • 2016-09-13

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-104

    • https://blog.trendmicro.com/trendlabs-security-intelligence/microsoft-patches-ieedge-zeroday-used-in-adgholas-malvertising-campaign/

    • AdGholas

    • https://www.proofpoint.com/us/threat-insight/post/Microsoft-Patches-Zero-Day-Exploited-By-AdGholas-GooNky-Malvertising

    • Kafeine, Brooks Li of Trend Micro

    • CVE-2016-4655

    • Apple

    • iOS

    • Information Leak

    • Information leak in kernel OSUnserializeBinary (Pegasus)

    • 2016-08-15

    • 2016-08-25

    • https://support.apple.com/en-us/HT207107

    • https://info.lookout.com/rs/051-ESQ-475/images/pegasus-exploits-technical-details.pdf

    • NSO Group

    • https://citizenlab.ca/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/

    • Citizen Lab and Lookout

    • CVE-2016-4656

    • Apple

    • iOS

    • Memory Corruption

    • Use-after-free in kernel OSUnserializeBinary (Pegasus)

    • 2016-08-15

    • 2016-08-25

    • https://support.apple.com/en-us/HT207107

    • https://info.lookout.com/rs/051-ESQ-475/images/pegasus-exploits-technical-details.pdf

    • NSO Group

    • https://citizenlab.ca/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/

    • Citizen Lab and Lookout

    • CVE-2016-4657

    • Apple

    • WebKit

    • Memory Corruption

    • Use-after-free in MarkedArgumentBuffer (Pegasus)

    • 2016-08-15

    • 2016-08-25

    • https://support.apple.com/en-us/HT207107

    • https://info.lookout.com/rs/051-ESQ-475/images/pegasus-exploits-technical-details.pdf

    • NSO Group

    • https://citizenlab.ca/2016/08/million-dollar-dissident-iphone-zero-day-nso-group-uae/

    • Citizen Lab and Lookout

    • CVE-2016-6366

    • Cisco

    • ASA

    • Memory Corruption

    • Buffer overflow in SNMP parsing (EXTRABACON)

    • 2016-08-15

    • 2016-08-17

    • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-snmp

    • https://blog.silentsignal.eu/2016/08/25/bake-your-own-extrabacon/

    • Equation Group

    • https://securelist.com/the-equation-giveaway/75812/

    • Shadow Brokers

    • CVE-2016-6367

    • Cisco

    • ASA

    • Memory Corruption

    • Buffer overflow in CLI parsing (EPICBANANA)

    • 2016-08-15

    • 2016-08-17

    • https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160817-asa-cli

    • Equation Group

    • https://securelist.com/the-equation-giveaway/75812/

    • Shadow Brokers

    • CVE-2016-4171

    • Adobe

    • Flash

    • Memory Corruption

    • Memory corruption in ExecPolicy metadata parsing

    • 2016-06-15

    • https://helpx.adobe.com/security/products/flash-player/apsb16-18.html

    • https://securelist.com/operation-daybreak/75100/

    • ScarCruft/APT37/Reaper

    • https://securelist.com/operation-daybreak/75100/

    • Anton Ivanov of Kaspersky

    • CVE-2016-4117

    • Adobe

    • Flash

    • Memory Corruption

    • Type confusion in tvsdk DeleteRangeTimelineOperation

    • 2016-05-08

    • 2016-05-12

    • https://helpx.adobe.com/security/products/flash-player/apsb16-15.html

    • https://www.fireeye.com/blog/threat-research/2016/05/cve-2016-4117-flash-zero-day.html

    • BlackOasis

    • https://securelist.com/blackoasis-apt-and-new-targeted-attacks-leveraging-zero-day-exploit/82732/

    • Genwei Jiang of FireEye, Inc

    • CVE-2016-0189

    • Microsoft

    • Internet Explorer

    • Memory Corruption

    • Memory corruption in VBScript AccessArray

    • 2016-05-10

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-051

    • https://theori.io/research/cve-2016-0189

    • https://www.symantec.com/connect/blogs/internet-explorer-zero-day-exploit-used-targeted-attacks-south-korea

    • CVE-2016-0162

    • Microsoft

    • Internet Explorer

    • Information Leak

    • Unspecified file detection issue

    • 2016-04-12

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-037

    • https://www.welivesecurity.com/2016/12/06/readers-popular-websites-targeted-stealthy-stegano-exploit-kit-hiding-pixels-malicious-ads/

    • Stegano/Astrum

    • https://www.welivesecurity.com/2016/12/06/readers-popular-websites-targeted-stealthy-stegano-exploit-kit-hiding-pixels-malicious-ads/

    • Dhanesh Kizhakkinan of FireEye, Inc.

    • CVE-2016-0165

    • Microsoft

    • Windows Kernel

    • Memory Corruption

    • Buffer overflow in RGNMEMOBJ::vCreate

    • 2016-04-12

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-039

    • https://www.secureauth.com/blog/ms16-039-windows-10-64-bits-integer-overflow-exploitation-by-using-gdi-objects

    • Sebastian Apelt of Siberas working with Trend Micro’s Zero Day Initiative, Anton Ivanov of Kaspersky Lab

    • CVE-2016-0167

    • Microsoft

    • Windows Kernel

    • Memory Corruption

    • Use-after-free in win32k!xxxMNDestroyHandler

    • 2016-03-08

    • 2016-04-12

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-039

    • https://www.fireeye.com/blog/threat-research/2016/05/windows-zero-day-payment-cards.html

    • FIN8

    • https://www.fireeye.com/blog/threat-research/2016/05/windows-zero-day-payment-cards.html

    • Ladislav Janko, working with ESET

    • CVE-2016-1019

    • Adobe

    • Flash

    • Memory Corruption

    • Type confusion in FileReference

    • 2016-04-02

    • 2016-04-07

    • https://helpx.adobe.com/security/products/flash-player/apsb16-10.html

    • https://blog.trendmicro.com/trendlabs-security-intelligence/look-adobe-flash-player-cve-2016-1019-zero-day-vulnerability/

    • Magnitude

    • https://www.proofpoint.com/us/threat-insight/post/killing-zero-day-in-the-egg

    • Kafeine (EmergingThreats/Proofpoint), Genwei Jiang (FireEye, Inc.), Clement Lecigne of Google

    • CVE-2016-1010

    • Adobe

    • Flash

    • Memory Corruption

    • Buffer overflow in BitmapData.copyPixels

    • 2016-03-10

    • https://helpx.adobe.com/security/products/flash-player/apsb16-08.html

    • https://blog.trendmicro.com/trendlabs-security-intelligence/root-cause-analysis-recent-flash-zero-day-vulnerability-cve-2016-1010/

    • ScarCruft/APT37/Reaper

    • https://securelist.com/cve-2016-4171-adobe-flash-zero-day-used-in-targeted-attacks/75082/

    • Anton Ivanov of Kaspersky Lab

    • CVE-2016-0984

    • Adobe

    • Flash

    • Memory Corruption

    • Use-after-free in Sound.loadPCMFromByteArray

    • 2016-01-11

    • 2016-02-09

    • https://helpx.adobe.com/security/products/flash-player/apsb16-04.html

    • https://bugs.chromium.org/p/project-zero/issues/detail?id=698&redir=1

    • BlackOasis

    • https://securelist.com/blackoasis-apt-and-new-targeted-attacks-leveraging-zero-day-exploit/82732/

    • Natalie Silvanovich of Google Project Zero

    • CVE-2016-0034

    • Microsoft

    • Silverlight

    • Memory Corruption

    • Memory corruption in BinaryReader

    • 2015-11-25

    • 2016-01-12

    • https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2016/ms16-006

    • https://securelist.com/blog/research/73255/the-mysterious-case-of-cve-2016-0034-the-hunt-for-a-microsoft-silverlight-0-day/

    • HackingTeam

    • https://web.archive.org/web/20150706010312/https://twitter.com/hackingteam

    • Anton Ivanov and Costin Raiu of Kaspersky Lab

    • CVE-2015-8651

    • Adobe

    • Flash

    • Memory Corruption

    • Integer overflow in domainMemory

    • 2015-12-28

    • https://helpx.adobe.com/security/products/flash-player/apsb16-01.html

    • Dark Hotel

    • https://web.archive.org/web/20160104165148/http://drops.wooyun.org/tips/11726

    • CVE-2015-6175

    • Microsoft

    • Windows Kernel

    • Memory Corruption

    • Memory corruption in gpuenergydrv.sys

    • 2015-12-08

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-135

    • ChenDong Li of Tencent

    • CVE-2015-4902

    • Oracle

    • Java

    • Logic/Design Flaw

    • Click-to-play bypass

    • 2015-10-20

    • https://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

    • https://blog.trendmicro.com/trendlabs-security-intelligence/new-headaches-how-the-pawn-storm-zero-day-evaded-javas-click-to-play-protection/

    • APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team

    • https://blog.trendmicro.com/trendlabs-security-intelligence/new-headaches-how-the-pawn-storm-zero-day-evaded-javas-click-to-play-protection/

    • Trend Micro

    • CVE-2015-7645

    • Adobe

    • Flash

    • Type Confusion

    • Type confusion in IExternalizable.writeExternal

    • 2015-10-13

    • 2015-10-16

    • https://helpx.adobe.com/security/products/flash-player/apsb15-27.html

    • https://bugs.chromium.org/p/project-zero/issues/detail?id=547

    • APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team

    • https://blog.trendmicro.com/trendlabs-security-intelligence/new-adobe-flash-zero-day-used-in-pawn-storm-campaign/

    • Peter Pi of Trend Micro, Natalie Silvanovich of Google Project Zero

    • CVE-2015-2546

    • Microsoft

    • Windows Kernel

    • Memory Corruption

    • Use-after-free in xxxSendMessage (tagPOPUPMENU)

    • 2015-09-08

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-097

    • https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/twoforonefinal.pdf

    • Genwei Jiang of FireEye

    • CVE-2015-2545

    • Microsoft

    • Office

    • Memory Corruption

    • Use-after-free in EPS forall operator

    • 2015-09-08

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-099

    • https://www.fireeye.com/content/dam/fireeye-www/blog/pdfs/twoforonefinal.pdf

    • Wang Yu of FireEye

    • CVE-2015-2502

    • Microsoft

    • Internet Explorer

    • Memory Corruption

    • Use-after-free in CMarkup::ReparentTableSection

    • 2015-08-18

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-093

    • https://twitter.com/Laughing_Mantis/statuses/633839231840841728

    • Clement Lecigne of Google

    • CVE-2015-1642

    • Microsoft

    • Office

    • Memory Corruption

    • Use-after-free in CTaskSymbol

    • 2015-02-27

    • 2015-08-11

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-081

    • https://labs.mwrinfosecurity.com/advisories/2015/08/17/microsoft-office-ctasksymbol-use-after-free-vulnerability/

    • CVE-2015-1769

    • Microsoft

    • Windows

    • Logic/Design Flaw

    • Symbolic link attack in Mount Manager

    • 2015-08-11

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-085

    • http://h3ysatan.blogspot.com/2016/01/cve-2015-1769-cve-2015-1769-mount.html

    • Fortinet’s FortiGuard Labs, Yong Chuan Koh (@yongchuank) of MWR Labs, s3tm3m@gmail.com working with VeriSign iDefense Labs

    • CVE-2015-2426

    • Microsoft

    • Windows

    • Memory Corruption

    • OpenType Font Driver buffer overflow in ZwGdiAddFontMemResourceEx

    • 2015-07-05

    • 2015-07-20

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-078

    • http://blog.trendmicro.com/trendlabs-security-intelligence/hacking-team-leak-uncovers-another-windows-zero-day-ms-releases-patch/

    • HackingTeam

    • https://web.archive.org/web/20150706010312/https://twitter.com/hackingteam

    • Mateusz Jurczyk of Google Project Zero, Genwei Jiang of FireEye, Moony Li of TrendMicro

    • CVE-2015-5122

    • Adobe

    • Flash

    • Use-after-free

    • Use-after-free in TextBlock

    • 2015-07-05

    • 2015-07-14

    • https://helpx.adobe.com/security/products/flash-player/apsb15-18.html

    • https://blog.trendmicro.com/trendlabs-security-intelligence/another-zero-day-vulnerability-arises-from-hacking-team-data-leak/

    • HackingTeam

    • https://web.archive.org/web/20150706010312/https://twitter.com/hackingteam

    • Trend Micro

    • CVE-2015-5123

    • Adobe

    • Flash

    • Use-after-free

    • Use-after-free in BitmapData

    • 2015-07-05

    • 2015-07-14

    • https://helpx.adobe.com/security/products/flash-player/apsb15-18.html

    • https://blog.trendmicro.com/trendlabs-security-intelligence/new-zero-day-vulnerability-cve-2015-5123-in-adobe-flash-emerges-from-hacking-team-leak/

    • HackingTeam

    • https://web.archive.org/web/20150706010312/https://twitter.com/hackingteam

    • The Labs Team of iSIGHT Partners, Edward Fjellskål of Telenor CERT

    • CVE-2015-2387

    • Microsoft

    • Windows Kernel

    • Memory Corruption

    • ATMFD.DLL named escape memory corruption

    • 2015-07-05

    • 2015-07-14

    • https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2015/ms15-077

    • https://blog.trendmicro.com/trendlabs-security-intelligence/a-look-at-the-open-type-font-manager-vulnerability-from-the-hacking-team-leak/

    • HackingTeam

    • https://web.archive.org/web/20150706010312/https://twitter.com/hackingteam

    • Bill Finlayson of Vectra Networks, Dhanesh Kizhakkinan of FireEye, Peter Pi of TrendMicro

    • CVE-2015-2425

    • Microsoft

    • Internet Explorer

    • Use-after-free

    • Use-after-free in MutationObserver

    • 2015-07-05

    • 2015-07-14

    • https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2015/ms15-065

    • https://blog.trendmicro.com/trendlabs-security-intelligence/gifts-from-hacking-team-continue-ie-zero-day-added-to-mix/

    • HackingTeam

    • https://web.archive.org/web/20150706010312/https://twitter.com/hackingteam

    • Google Project Zero and Morgan Marquis-Boire

    • CVE-2015-2424

    • Microsoft

    • Office

    • Memory Corruption

    • Heap corruption in Forms.Image.1

    • 2015-06-30

    • 2015-07-14

    • https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2015/ms15-070

    • https://web.archive.org/web/20150717041821/http://www.isightpartners.com/2015/07/microsoft-office-zero-day-cve-2015-2424-leveraged-by-tsar-team/

    • APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team

    • https://web.archive.org/web/20150717041821/http://www.isightpartners.com/2015/07/microsoft-office-zero-day-cve-2015-2424-leveraged-by-tsar-team/

    • Peter Pi of TrendMicro and slipstream/RoL (@TheWack0lian)

    • CVE-2015-2590

    • Oracle

    • Java

    • Race Condition

    • Race condition in ObjectInputStream.readSerialData

    • 2015-07-14

    • https://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

    • https://twitter.com/tiraniddo/status/621308239909646336

    • APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team

    • https://blog.trendmicro.com/trendlabs-security-intelligence/pawn-storm-update-trend-micro-discovers-new-java-zero-day-exploit/

    • Dhanesh Kizhakkinan of FireEye

    • CVE-2015-5119

    • Adobe

    • Flash

    • Use-after-free

    • Use-after-free in ByteArray ValueOf

    • 2015-07-05

    • 2015-07-08

    • https://helpx.adobe.com/security/products/flash-player/apsb15-16.html

    • https://blog.trendmicro.com/trendlabs-security-intelligence/unpatched-flash-player-flaws-more-pocs-found-in-hacking-team-leak/

    • HackingTeam

    • https://web.archive.org/web/20150706010312/https://twitter.com/hackingteam

    • Google Project Zero and Morgan Marquis-Boire

    • CVE-2015-3113

    • Adobe

    • Flash

    • Memory Corruption

    • Buffer overflow in FLV media parsing

    • 2015-06-23

    • https://helpx.adobe.com/security/products/flash-player/apsb15-14.html

    • https://blog.trendmicro.com/trendlabs-security-intelligence/new-adobe-zero-day-shares-same-root-cause-as-older-flaws/

    • APT3

    • https://www.fireeye.com/blog/threat-research/2015/06/operation-clandestine-wolf-adobe-flash-zero-day.html

    • FireEye

    • CVE-2015-2360

    • Microsoft

    • Windows Kernel

    • Memory Corruption

    • Use-after-free on tagCLS object

    • 2015-06-09

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-061

    • https://blog.trendmicro.com/trendlabs-security-intelligence/analysis-of-cve-2015-2360-duqu-2-0-zero-day-vulnerability/

    • Duqu/Unit 8200

    • https://securelist.com/the-mystery-of-duqu-2-0-a-sophisticated-cyberespionage-actor-returns/70504/

    • Maxim Golovkin of Kaspersky Lab, enSilo Research Team

    • CVE-2015-4495

    • Mozilla

    • Firefox

    • Logic/Design Flaw

    • Same-origin policy bypass in PDF reader

    • 2015-08-05

    • 2015-08-06

    • https://www.mozilla.org/en-US/security/advisories/mfsa2015-78/

    • https://blog.mozilla.org/security/2015/08/06/firefox-exploit-found-in-the-wild/

    • Cody Crews

    • CVE-2015-1701

    • Microsoft

    • Windows Kernel

    • Logic/Design Flaw

    • CreateWindow callback validation error

    • 2015-04-18

    • 2015-05-12

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-051

    • https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html

    • APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team

    • https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html

    • CVE-2015-3043

    • Adobe

    • Flash

    • Memory Corruption

    • Buffer overflow in FLV media parsing

    • 2015-04-13

    • 2015-04-14

    • https://helpx.adobe.com/security/products/flash-player/apsb15-06.html

    • https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html

    • APT28/Sofacy/Pawn Storm/Fancy Bear/Sednit/STRONTIUM/Tsar Team

    • https://www.fireeye.com/blog/threat-research/2015/04/probable_apt28_useo.html

    • The Labs Team of iSIGHT Partners

    • CVE-2015-1641

    • Microsoft

    • Office

    • Memory Corruption

    • Type confusion in SmartTag element

    • 2015-04-14

    • https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2015/ms15-033

    • https://paper.seebug.org/351/

    • Anonymous

    • CVE-2015-0071

    • Microsoft

    • Internet Explorer

    • Information Leak

    • Out-of-bounds read in Js::JavascriptRegExpConstructor::SetProperty

    • 2015-02-10

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-009

    • http://blog.trendmicro.com/trendlabs-security-intelligence/bypassing-aslr-with-cve-2015-0071-an-out-of-bounds-read-vulnerability/

    • Codoso/APT19

    • https://web.archive.org/web/20150213004519/http://www.isightpartners.com/2015/02/codoso/

    • Clement Lecigne of Google, The Labs Team of iSIGHT Partners

    • CVE-2015-0313

    • Adobe

    • Flash

    • Use-after-free

    • Use-after-free in ByteArray::Clear

    • 2015-01-14

    • 2015-02-05

    • https://helpx.adobe.com/security/products/flash-player/apsb15-04.html

    • http://blog.trendmicro.com/trendlabs-security-intelligence/analyzing-cve-2015-0313-the-new-flash-player-zero-day/

    • Hanjuan

    • https://blog.trendmicro.com/trendlabs-security-intelligence/analyzing-cve-2015-0313-the-new-flash-player-zero-day/

    • Elia Florio and Dave Weston of Microsoft, and Peter Pi of Trend Micro

    • CVE-2015-0311

    • Adobe

    • Flash

    • Use-after-free

    • Use-after-free in ByteArray::UncompressViaZlibVariant

    • 2015-01-20

    • 2015-01-27

    • https://helpx.adobe.com/security/products/flash-player/apsb15-03.html

    • https://blog.trendmicro.com/trendlabs-security-intelligence/analyzing-cve-2015-0311-flash-zero-day-vulnerability/

    • Angler

    • https://blog.trendmicro.com/trendlabs-security-intelligence/flash-greets-2015-with-new-zero-day/

    • Kafeine of Malware don’t need Coffee and Jack Tang of Trend Micro

    • CVE-2015-0310

    • Adobe

    • Flash

    • Information Leak

    • Out-of-bounds read in RegExp::exec

    • 2015-01-16

    • 2015-01-22

    • https://helpx.adobe.com/security/products/flash-player/apsb15-02.html

    • https://bugs.chromium.org/p/chromium/issues/detail?id=442585

    • Angler

    • https://www.fireeye.com/blog/threat-research/2015/05/angler_ek_exploiting.html

    • Yang Dingning, working with the Chromium Vulnerability Rewards Program, Timo Hirvonen of F-Secure and Kafeine

    • CVE-2015-0016

    • Microsoft

    • Windows

    • Logic/Design Flaw

    • Improper path validation leads to IE sandbox escape

    • 2015-01-13

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2015/ms15-004

    • http://blog.trendmicro.com/trendlabs-security-intelligence/cve-2015-0016-escaping-the-internet-explorer-sandbox/

    • Liam O’Murchu of Symantec

    • CVE-2014-9163

    • Adobe

    • Flash

    • Memory Corruption

    • Unspecified stack buffer overflow in Flash

    • 2014-12-09

    • https://helpx.adobe.com/security/products/flash-player/apsb14-27.html

    • Codoso/APT19

    • https://web.archive.org/web/20150213004519/http://www.isightpartners.com/2015/02/codoso/

    • bilou working with HP’s Zero Day Initiative

    • CVE-2014-6324

    • Microsoft

    • Windows

    • Logic/Design Flaw

    • Logic/design flaw in Kerberos KDC allowing remote domain controller escalation of privilege

    • 2014-11-18

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-068

    • https://blogs.technet.microsoft.com/srd/2014/11/18/additional-information-about-cve-2014-6324/

    • The Qualcomm Information Security & Risk Management team, with special recognition for Tom Maddock

    • CVE-2014-6352

    • Microsoft

    • Office

    • Logic/Design Flaw

    • Logic/design flaw in Packager OLE class

    • 2014-11-11

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-064

    • https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/bypassing-microsofts-patch-for-the-sandworm-zero-day-even-editing-can-cause-harm/

    • Vitaly Kamluk and Costin Raiu of Kaspersky Lab

    • CVE-2014-4077

    • Microsoft

    • Windows

    • Logic/Design Flaw

    • Unspecified sandbox escape vulnerability in IME (Japanese)

    • 2014-11-11

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-078

    • Drew Hintz, Shane Huntley and Matty Pellegrino of Google Security Team

    • CVE-2014-4113

    • Microsoft

    • Windows

    • Memory Corruption

    • NULL pointer dereference in win32k!win32k!xxxHandleMenuMessages

    • 2014-10-14

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-058

    • https://www.fireeye.com/blog/threat-research/2014/10/two-targeted-attacks-two-new-zero-days.html

    • HURRICANE PANDA

    • https://www.crowdstrike.com/blog/crowdstrike-discovers-use-64-bit-zero-day-privilege-escalation-exploit-cve-2014-4113-hurricane-panda/

    • James Forshaw of Context Information Security

    • CVE-2014-4148

    • Microsoft

    • Windows

    • Memory Corruption

    • Unspecified memory corruption in TrueType fonts

    • 2014-10-14

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-058

    • https://www.fireeye.com/blog/threat-research/2014/10/two-targeted-attacks-two-new-zero-days.html

    • CVE-2014-8439

    • Adobe

    • Flash

    • Memory Corruption

    • Unspecified memory corruption in Flash

    • 2014-10-14

    • https://helpx.adobe.com/security/products/flash-player/apsb14-22.html

    • Angler

    • https://www.f-secure.com/weblog/archives/00002768.html

    • FireEye, Inc.

    • CVE-2014-4123

    • Microsoft

    • Internet Explorer

    • Memory Corruption

    • Unspecified sandbox escape vulnerability

    • 2014-10-14

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-056

    • iSIGHT Partners and researchers from ESET

    • CVE-2014-4114

    • Microsoft

    • Office

    • Logic/Design Flaw

    • Logic/design flaw in Packager OLE class

    • 2014-10-14

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-060

    • https://blog.trendmicro.com/trendlabs-security-intelligence/an-analysis-of-windows-zero-day-vulnerability-cve-2014-4114-aka-sandworm/

    • Sandworm/Black Energy

    • https://web.archive.org/web/20141014083644/http://www.isightpartners.com/2014/10/cve-2014-4114/

    • CrowdStrike Intelligence Team & FireEye, Inc.

    • CVE-2014-0546

    • Adobe

    • Reader

    • Logic/Design Flaw

    • Unspecified sandbox escape vulnerability

    • 2014-08-12

    • https://helpx.adobe.com/security/products/acrobat/apsb14-19.html

    • Animal Farm

    • https://securelist.com/the-mysterious-case-of-cve-2016-0034-the-hunt-for-a-microsoft-silverlight-0-day/73255/

    • James Forshaw of Context Information Security

    • CVE-2014-2817

    • Microsoft

    • Internet Explorer

    • Logic/Design Flaw

    • Sandbox escape in IIEAxInstallBrokerBrokerPtr

    • 2014-08-12

    • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-051

    • https://twitter.com/tiraniddo/status/522135160675127296

    • Costin Raiu and Vitaly Kamluk of Kaspersky Labs
