[TOOL] OllyDbg Heap Vis

• Previous message: SecuriTeam: "[TOOL] DISE - Distributed Idle Scanning Engine"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: list@securiteam.com
Date: 2 Jun 2005 16:02:48 +0200

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html

- - - - - - - - -

  OllyDbg Heap Vis
------------------------------------------------------------------------

SUMMARY

DETAILS

You may have noticed the ghosted 'Heap' option under the 'View' menu in
OllyDbg. The feature is available only under Windows 95 based OS's and is
supposed to display a list of allocated memory blocks. The Olly Heap Vis
plug-in was written to provide this functionality and more on all modern
Windows OS's such as Windows 2000, XP and 2003. The OllyDbg Heap Vis
plug-in exposes the following functionality:

 * View Heaps
 * Search Heaps
 * Jump to Heap Chunk
 * Create Heap Visualization

ADDITIONAL INFORMATION

The information has been provided by iDEFENSE Labs.
To keep updated with the tool visit the project's homepage at:
<http://labs.idefense.com> http://labs.idefense.com

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

• Previous message: SecuriTeam: "[TOOL] DISE - Distributed Idle Scanning Engine"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages [NT] Windows Embedded Open Type (EOT) Font Heap Overflow ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... A vulnerability in the way that Windows uncompresses Embedded Open Type ... fonts allow the author of a malicious web page to execute arbitrary code ... A heap overflow vulnerability exists in T2EMBED.DLL, ... (Securiteam) [EXPL] Smail preparse_address_1() Heap Overflow ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... There is a heap buffer overflow, ... ssize_t Send(int s, const void *buf, size_t len, int flags) ... (Securiteam) [EXPL] Internet Explorer DHTML Arbitrary Code Execution (MS05-020) ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... MOV EAX, DWORD PTR; EAX = Some pointer to the heap for mshtml ... To get some control over the "dirty" value we try to "spray" the heap ... so we use as big a string as possible. ... (Securiteam) [EXPL] Mozilla Browsers Remote Heap Buffer Overrun (Exploit , 0xAD HOST) ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... A heap buffer overrun vulnerability exists in Mozilla browsers, ... of the string to create more large heap blocks. ... var startDate = new Date; ... (Securiteam) [REVS] Microsoft Windows Heap Based Overflow Exploiting ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Presented in this article are several documents discussing Heap based ... heap exploitation and ways to create exploitation more stable. ... A fully documented example on exploiting a heap overflow can be found at: ... (Securiteam)