Vault 7: Projects

This publication series is about specific projects related to the Vault 7 main publication.
SECRET//NOFORN
Pique Analysis Report
20150904-272-MalwareBytes-HanJuan Drops New Tinba
Raytheon Blackbird Technologies, Inc. 04 September 2015
Use or disclosure of data contained on this sheet is subject to the restrictions on the title page of this document.
2.0 (U) Description of the Technique
(S//NF) Not applicable as no PoCs are recommended.
3.0 (U) Identification of Affected Applications
(U) Windows and Linux.
4.0 (U) Related Techniques
(S//NF) Use-After-Free (UAF) exploitation, code injection, unpacking, and ROP.
5.0 (U) Configurable Parameters
(U) Varied.
6.0 (U) Exploitation Method and Vectors
(S//NF) The exploitation methods mentioned in this report are:
CVE-2015-0359 is a Double Free vulnerability in Adobe Flash versions up to 17.0.0.134
CVE-2014-1776 is a Use-After-Free (UAF) vulnerability in MS IE versions 6 through 11
(S//NF) The attack vector mentioned in this report is malvertisement and website re-direct.
7.0 (U) Caveats
(U) None.
8.0 (U) Risks
(S//NF) Not applicable as no PoCs are recommended.
9.0 (U) Recommendations
(S//NF) No PoCs are recommended.