Google Chrome 15 fixes 27 security flaws

Google's bug bounties is certainly working. Security researchers have identified over 27 flaws in Google Chrome - one researcher Sergey Glazunov found a number of flaws earning him a respectable $12.174 for five high impact flaws in what Google calls 'cross-origin-policy violations'. Good work Sergey! Other high impact flaws fixed in Chrome 15 include: CVE-2011-2845: URL bar spoof in history handling CVE-2011-3882: Use-after-free in media buffer handling CVE-2011-3883: Use-after-free in counter handling. CVE-2011-3884: Timing issues in DOM traversal. CVE-2011-3885: Stale style bugs leading to use-after-free. CVE-2011-3886: Out of bounds writes in v8. CVE-2011-3888: Use-after-free with plug-in and editing. CVE-2011-3889: Heap overflow in Web Audio. CVE-2011-3890: Use-after-free in

Exploiting Software 02/11 Exploit format Strings with Python

Cracking Java Applications Using AOP Exploits (part 2) By Daniel Drozdzewski AOP has been used in the domain of Software Security before. Its use was mainly for validation, auditing and authorization purposes, which in turn improve software security as a whole. Those crosscutting concerns are being woven into the existing software after the fully functional code has been delivered. Making the process two staged, allows separating the responsibilities. In the second part of the series, Daniel will present the reader with a bit more advanced use of AOP, which will allow us to reverse engineer obfuscated Java applications. On top of that