This is my report of CVEs (Common Vulnerabilities and Exposures) while I was in Viettel Cyber Security as an Software Exploitation Intern.
This repo include 3 CVEs:
- CVE-2015-1701: A Win32k LPE vulnerability used in APT attack.
- CVE-2017-5375: JIT code allocation can allow for a bypass of ASLR and DEP protections leading to potential memory corruption attacks.
- CVE-2022-28672: This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.2.1.53537
The three reports in this repo are written in Vietnamese using Microsoft Word and presented sloppily. They were written when I still lacked knowledge of how to present and use tools and applications to create an easy-to-read report. I apologize for this inconvenience.