September 2010
3 posts
Anatomy of an exploit: CVE-2010-3081 →
From the guys at Ksplice:
There are three basic ingredients that typically go into a kernel exploit: the bug, the target, and the payload. The exploit triggers the bug — a flaw in the kernel — to write evil data corrupting the target, which is some kernel data structure. Then it prods the kernel to look at that evil data and follow it to run the payload, a snippet of code that gives the...
Severe Adobe Flash + Acrobat vulnerability?
Via LWN:
For those of you using the Adobe Flash player (including on Linux or Android), and, possibly, Adobe Reader users as well: the company has announced a “critical” vulnerability which, evidently, is being actively exploited.
We get to wonder how this can possibly be a critical vulnerability on each and every platform it runs on. Also, we’ll probably never find out...
h5py
After punishing myself for several years with the HDF5 C++ API, today I finally discovered h5py. It’s wonderful, beautiful, magnificent. That’s all.