Bugtraq mailing list archives
Vulnerability In SecureOL VE2 v1.05.1008
From: maxim () secureol com
Date: 7 Sep 2005 12:42:38 -0000
Introduction: VE2 provides two separate virtual environments (Secured and Public( To ensure corporate security and to provide secured and free access to the WEB while protecting the enterprise. Summary: Windows 16-bit execution support allows direct access to physical memory through \\PhysicalMemory device (which is actually a section) for legacy NTVDM and Virtual Real Mode of the processor, accessing physical memory from Public Environment provides direct bridge to Secured Environment processes memory. Proof of concept: http://cybermessageboard.xeran.com/secureol/viewtopic.php?t=26 Vulnerability submitted by Joe Stewart, 22.08.05 Patch Released: 23.08.05 - VE2 v1.05.1009 The information has been provided by Maxim Vainstein: maxim () secureol com For more information: http://www.secureol.com
Current thread:
- Vulnerability In SecureOL VE2 v1.05.1008 maxim (Sep 07)