Full Disclosure mailing list archives
Re: Sony PS3 Firmware v4.31 - Code Execution Vulnerability
From: Milan Berger <m.berger () project-mindstorm net>
Date: Wed, 22 May 2013 16:23:42 +0200
Hi,
So, wanna tell me what exactly is critical about you being able to inject marquee tags into your savefile names?
didn't test the POC yet, but I guess the fun is here:
[PERSISTENT INJECTED SYSTEM COMMAND OR CODE!]
Injecting system commands.. -- Kind Regards Milan Berger Project-Mindstorm Technical Engineer --- project-mindstorm.net Fruehlingstrasse 4 90537 Feucht Germany Mob.: +49 176 22987602 https://www.ghcif.de http://www.nopaste.info (for sale) https://www.digital-bit.ch http://www.project-mindstorm.net twitter: http://twitter.com/twit4c _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Sony PS3 Firmware v4.31 - Code Execution Vulnerability Vulnerability Lab (May 20)
- Re: Sony PS3 Firmware v4.31 - Code Execution Vulnerability Julius Kivimäki (May 22)
- Re: Sony PS3 Firmware v4.31 - Code Execution Vulnerability Milan Berger (May 22)
- Re: Sony PS3 Firmware v4.31 - Code Execution Vulnerability Julius Kivimäki (May 23)
- Re: Sony PS3 Firmware v4.31 - Code Execution Vulnerability Gary Driggs (May 23)
- Re: Sony PS3 Firmware v4.31 - Code Execution Vulnerability Milan Berger (May 22)
- Re: Sony PS3 Firmware v4.31 - Code Execution Vulnerability Julius Kivimäki (May 22)
- Re: Sony PS3 Firmware v4.31 - Code Execution Vulnerability Julius Kivimäki (May 25)
- <Possible follow-ups>
- Re: Sony PS3 Firmware v4.31 - Code Execution Vulnerability Vulnerability Lab (May 27)
- Re: Sony PS3 Firmware v4.31 - Code Execution Vulnerability Daniela Hermina (May 27)