Rss Bot

You're reading Free and Premium Magazine Style WordPress Themes, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

The world of internet is probably the most dynamic one, with frequent and rapid changes in style and trend being introduced every now and then. WordPress is significantly popular in the world of internet, where world class free and premium themes are available and the demand of the same is always on a high amongst […]

View the full article

You're reading Microsoft Launches Visual Studio for Mac, Visual Studio 2017 and Visual Studio Mobile Center, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

Visual Studio is available now on Mac. Or not? As rumored, Microsoft released Visual Studio Code for MacOS. However, there is some fine print. Contrary to what the name suggests, Visual Studio Code for MacOS is not the Windows equivalent; it’s a rebranding of Xamarin Studio IDE, a C# development environment for the Mac, which […]

View the full article

You're reading Mozilla Releases Firefox 50 and Supercharges Nightly with Quantum, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

Firefox is now in its 50th iteration. Initially scheduled for the first week of November, Mozilla delayed the launch for some last minute code optimizations related to the way add-ons are invoked when the browser is started. Specifically, the developers sorted out a significant bug in Firefox add-on SDK module, so, this should speed up […]

View the full article

You're reading 5 Good Collaboration Tools for Design Teams and Freelancers, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

The diversity of skills among the various team members can at times make working together difficult. This is where the team leader comes in. A team leader’s primary role, is to get everyone on the same page and working together. A wise choice of project management and collaboration tools can make this much easier to […]

View the full article

You're reading 4 Ways to Improve Usability and User Experience by Decluttering Designs, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

We often speak about decluttering in the sense of physical stuff like closets or storage. But, we can also speak about decluttering designs too. Decluttering can help improve usability and the user experience on websites. Here are four tips for decluttering you designs. 1. Shorten the Copy Dating back to 1997, Nielsen Norman Group conducted […]

View the full article

You're reading Our Favorite WordPress Themes of 2016, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

Every fourth site you came across on the web is made on WordPress. More than 60 million websites are running the popular CMS to present ideas, promote services or sell products. Bloggers, designers, corporate entities, news magazines, banks, NGOs and many other individuals and organizations rely on WordPress to maintain an online presence. Launched 13 […]

View the full article

You're reading Which Languages Should I Learn for Web Development?, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

Getting started with web development can be strenuous and confusing. There’s so much to learn and you have so many different options for languages, frameworks, and open source projects to choose from. Where do you even start? There is no single correct answer but there is a natural progression that most developers take. It’s easier […]

View the full article

You're reading Top 50 Fonts of 2016, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

Typography is an art combining perspective, technique and ingenuity. A great design comes with great typography. Whether you are creating for web or print, designing brochures or user interfaces, developing a brand identity or creating a logo, one of the key elements of a successful project is the typeface you are using. In fact, the […]

View the full article

You're reading Adobe Introduces Project Felix, Sensei, Updates Creative Cloud and More, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

This year Adobe’s MAX conference brought a lot of exciting news and product updates. While there is nothing out of the extraordinary in the updates for Photoshop and Illustrator, the Creative Cloud received a significant boost in creativity and an AI personality. The star of Adobe Max 2016 is Adobe Sensei, an advanced machine learning […]

View the full article

You're reading WebAssembly Now in Browser Preview Mode, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

Major browser vendors have agreed to implement a new web standard that will bring near native performance to the web for online games, music and video streaming, AR and VR, and other applications. The result, WebAssembly, is a portable, cross-vendor, cross-language, size and load time Abstract Syntax Tree (AST) that gets stored in a binary […]

View the full article

You're reading How to Create Checkout Form Using HTML, CSS3 and jQuery, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

Topic: HTML / CSS3 / jQuery Difficulty: Intermediate Estimated Completion Time: 30 minutes Hello, everyone! In this tutorial, we are going to create a Shopping Checkout Form using HTML, CSS3 and a little bit of jQuery. We’re going to use Google Fonts for this tutorial, specifically Montserrat. HTML The first thing we need to do […]

View the full article

You're reading Tips for Creating a Great Personal Online Portfolio, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

As a designer I think we’ve all experienced the difficulty of creating something personal, including a portfolio. You end up spending countless hours in Photoshop, trying a hundred different things and after two months you realize that your homepage still says “under construction.” This might not be the case for everybody, but being my own […]

View the full article

You're reading Node.js v7 Has Arrived, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

The Node.js Foundation released version 7 of the ubiquitous Node.js JavaScript runtime environment. With the io.js phenomena a thing of the past, thinks are looking great for Node.js. Today, Node.js is being adopted at an increasing pace by enterprises seeking to gain a competitive advantage. Benefitting from rapid I/O, Node.js produces fast, responsive load times […]

View the full article

You're reading A Design Workflow Comparison: Photoshop vs Illustrator vs Sketch, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

The ever-expanding world of design can be tough to comprehend as a newcomer. With so many tools and techniques available it’s hard to know where to start. Three of the most widely used design programs are Adobe Photoshop, Adobe Illustrator, and the newer Sketch by Bohemian Coding. In this guide I want to compare these […]

View the full article

You're reading A Design Workflow Comparison: Photoshop vs Illustrator vs Sketch, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

The ever-expanding world of design can be tough to comprehend as a newcomer. With so many tools and techniques available it’s hard to know where to start. Three of the most widely used design programs are Adobe Photoshop, Adobe Illustrator, and the newer Sketch by Bohemian Coding. In this guide I want to compare these […]

View the full article

You're reading Top 5 Underutilized Web Performance Tricks for WordPress, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

Most of us know by now that speed is a ranking factor with Google. What this means is that WordPress sites that load faster will have a bigger advantage in Google over those that don’t. So it is very important that your WordPress site loads as fast as possible, especially on mobile. And besides the ranking […]

View the full article

You're reading Top 5 Underutilized Web Performance Tricks for WordPress, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

Most of us know by now that speed is a ranking factor with Google. What this means is that WordPress sites that load faster will have a bigger advantage in Google over those that don’t. So it is very important that your WordPress site loads as fast as possible, especially on mobile. And besides the ranking […]

View the full article

You're reading Simbla: Responsive Website Maker, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

It’s no longer surprising that we now have the freedom to make our own websites without having any prior knowledge of code, thanks to the various website makers available. But to find a top website maker that renders this process efficient and easy is something else. Fortunately, Simbla is a top website maker that accommodates […]

View the full article

You're reading Simbla: Responsive Website Maker, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

It’s no longer surprising that we now have the freedom to make our own websites without having any prior knowledge of code, thanks to the various website makers available. But to find a top website maker that renders this process efficient and easy is something else. Fortunately, Simbla is a top website maker that accommodates […]

View the full article

You're reading Emotional Intelligence and the Uncomfortable Side of Design, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

In March 2016, Twitter celebrated its 10th birthday. It was a day filled with pride for the company and many of its followers. In order to make the day amazing for its users, Twitter released a delightful like/heart button animation. It was awesome, but as soon as the day was over the animation was gone […]

View the full article

You're reading Emotional Intelligence and the Uncomfortable Side of Design, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

In March 2016, Twitter celebrated its 10th birthday. It was a day filled with pride for the company and many of its followers. In order to make the day amazing for its users, Twitter released a delightful like/heart button animation. It was awesome, but as soon as the day was over the animation was gone […]

View the full article

You're reading Linux Foundation Launches JS Foundation, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

JavaScript is a high-level, dynamic, untyped and interpreted programming language used in most modern day web applications. With thousands of modules in NPM, the JavaScript ecosystem is the largest open source platform. And while the language is standardized in a vendor-neutral ECMAScript language specification, the ecosystem is deeply convoluted and fragmented. To address this issue, […]

View the full article

You're reading Linux Foundation Launches JS Foundation, originally posted on Designmodo. If you've enjoyed this post, be sure to follow on Twitter, Facebook, Google+!

JavaScript is a high-level, dynamic, untyped and interpreted programming language used in most modern day web applications. With thousands of modules in NPM, the JavaScript ecosystem is the largest open source platform. And while the language is standardized in a vendor-neutral ECMAScript language specification, the ecosystem is deeply convoluted and fragmented. To address this issue, […]

View the full article

By Behzad Najjarpour Jabbari, Senior Security Specialist On October 18, 2016, Oracle released an update for Oracle Outside-In Technology as part of the Oracle Critical Patch Update for October 2016 [1] to fix a heap-based buffer overflow and a use-after-free vulnerability that have been discovered by Secunia Research [2]. Both of which may ultimately result in a system compromise through an application that uses and exposes the affected functionality of Oracle Outside-In Technology and thus are rated as “Highly Critical” by Secunia Research. Additionally, Oracle addressed three further vulnerabilities discovered by Secunia Research that may result in a so-called "Denial of Service" (DoS) condition of an application using Oracle Outside-In Technology. This blog post focusses on the heap-based buffer overflow vulnerability. Product Background: Oracle Outside-In Technology provides software developers with a comprehensive solution to access, transform, and control the contents of over 500 unstructured file formats [3]. This Oracle product...

View the full article

On October 18, 2016, Oracle released an update for Oracle Outside-In Technology as part of the Oracle Critical Patch Update for October 2016 [1] to fix a heap-based buffer overflow and a use-after-free vulnerability that have been discovered by Secunia Research [2]. Both of which may ultimately result in a system compromise through an application that uses and exposes the affected functionality of Oracle Outside-In Technology and thus are rated as “Highly Critical” by Secunia Research.

Additionally, Oracle addressed three further vulnerabilities discovered by Secunia Research that may result in a so-called “Denial of Service” (DoS) condition of an application using Oracle Outside-In Technology.

This blog post focusses on the heap-based buffer overflow vulnerability.

Product Background:

Oracle Outside-In Technology provides software developers with a comprehensive solution to access, transform, and control the contents of over 500 unstructured file formats [3].

This Oracle product is frequently bundled and used in many popular applications such as Microsoft Exchange, Novell GroupWise, and IBM WebSphere Portal.

File Format Background:

StarWriter files (SDW) are the default file format used by the StarWriter component of StarOffice versions prior to 5.x.

Vulnerability Summary:

The vulnerability is caused due to a boundary error within the “VwStreamRead()” function (vssdw.dll), which can be exploited to cause an out-of-bounds write memory access via a specially crafted SDW file and subsequently cause a crash of, or potentially execute arbitrary code within the context of, an application using the product Oracle Outside-In.

The vulnerability is confirmed in version 8.5.3 (vssdw.dll version 8.5.3.1604151004).

Technical Details:

A fixed-size heap memory block gets allocated by “VwAllocProc()” function, which is being used while processing SDW files:

.text:67AA1400                 push    esi
.text:67AA1401                 push    8FCh            ; dwBytes
.text:67AA1406                 push    0               ; dwFlags
.text:67AA1408                 call    ds:GetProcessHeap
.text:67AA140E                 push    eax             ; hHeap
.text:67AA140F                 call    ds:HeapAlloc
.text:67AA1415                 mov     esi, eax
.text:67AA1417                 test    esi, esi
.text:67AA1419                 jnz     short loc_67AA141D
.text:67AA141B                 pop     esi
.text:67AA141C                 retn
.text:67AA141D ; ---------------------------------------------------------------------------
.text:67AA141D
.text:67AA141D loc_67AA141D:                           ; CODE XREF: VwAllocProc+19
.text:67AA141D                 push    8FCh            ; size_t
.text:67AA1422                 push    0               ; int
.text:67AA1424                 push    esi             ; void *
.text:67AA1425                 call    memset
.text:67AA142A                 add     esp, 0Ch
.text:67AA142D                 mov     [esi+8F8h], esi
.text:67AA1433                 mov     eax, esi
.text:67AA1435                 pop     esi
.text:67AA1436                 retn
.text:67AA1436 VwAllocProc     endp

The function “VwStreamRead()” uses and manages this memory block while processing the SDW file. After some initialization, the function tries to read the bitmap stream embedded in the SDW file:

.text:67AA39F3 loc_67AA39F3:                           ; CODE XREF: VwStreamRead+13A4
.text:67AA39F3                 mov     eax, [esi+3Ch]
.text:67AA39F6                 dec     dword ptr [eax]
.text:67AA39F8                 js      short loc_67AA3A09
.text:67AA39FA                 mov     ecx, [esi+3Ch]
.text:67AA39FD                 mov     eax, [ecx+10h]
.text:67AA3A00                 movzx   edx, byte ptr [eax]
.text:67AA3A03                 inc     eax
.text:67AA3A04                 mov     [ecx+10h], eax
.text:67AA3A07                 jmp     short loc_67AA3A17
.text:67AA3A09 ; ---------------------------------------------------------------------------
.text:67AA3A09
.text:67AA3A09 loc_67AA3A09:                           ; CODE XREF: VwStreamRead+1378
.text:67AA3A09                 push    dword ptr [esi+3Ch]
.text:67AA3A0C                 call    sub_67AA3D90
.text:67AA3A11                 add     esp, 4
.text:67AA3A14                 movsx   edx, ax
.text:67AA3A17
.text:67AA3A17 loc_67AA3A17:                           ; CODE XREF: VwStreamRead+1387
.text:67AA3A17                 movzx   eax, di
.text:67AA3A1A                 inc     edi
.text:67AA3A1B                 mov     [eax+esi+470h], dl
.text:67AA3A22                 test    dl, dl
.text:67AA3A24                 jnz     short loc_67AA39F3

This loop ends when it reaches a Null byte in the stream. As the stream is user-controlled and there are no boundary checks, it’s possible to trigger an out-of-bounds write memory access. By overwriting vftable pointers, it’s possible to change the application’s flow:

.text:67AA3A59                 lea     ecx, [esi+470h]
.text:67AA3A5F                 lea     eax, [edi-2]
.text:67AA3A62                 mov     [ecx], ax
.text:67AA3A65                 push    dword ptr [esi+8F0h]
.text:67AA3A6B                 mov     eax, [esi+854h]
.text:67AA3A71                 push    dword ptr [esi+8ECh]
.text:67AA3A77                 push    ecx
.text:67AA3A78                 push    edi
.text:67AA3A79                 push    326h
.text:67AA3A7E                 call    eax
.text:67AA3A80                 push    dword ptr [esi+8F0h]
.text:67AA3A86                 mov     eax, [esi+854h]
.text:67AA3A8C                 push    dword ptr [esi+8ECh]
.text:67AA3A92                 push    0
.text:67AA3A94                 push    0
.text:67AA3A96                 push    327h
.text:67AA3A9B                 call    eax
.text:67AA3A9D                 push    dword ptr [esi+8F0h]
.text:67AA3AA3                 mov     eax, [esi+854h]
.text:67AA3AA9                 mov     ebx, 1
.text:67AA3AAE                 push    dword ptr [esi+8ECh]
.text:67AA3AB4                 push    0
.text:67AA3AB6                 push    0
.text:67AA3AB8                 push    325h
.text:67AA3ABD                 call    eax
.text:67AA3ABF                 mov     eax, 0E10h
.text:67AA3AC4                 add     esp, 3Ch
.text:67AA3AC7                 cmp     word ptr [esp+0D8h+var_C4], ax

0:000> g
ModLoad: 777d0000 77830000   C:WindowsSysWOW64IMM32.DLL
ModLoad: 75f40000 7600c000   C:Windowssyswow64MSCTF.dll
ModLoad: 709c0000 709ea000   C:UsersbehzadDesktopvw-8-5-3-win-x86-32sdkdemoscclo.dll
ModLoad: 709b0000 709bb000   C:UsersbehzadDesktopvw-8-5-3-win-x86-32sdkdemoSCCSD.DLL
ModLoad: 709a0000 709ad000   C:UsersbehzadDesktopvw-8-5-3-win-x86-32sdkdemoSCCXT.DLL
ModLoad: 70990000 70999000   C:UsersbehzadDesktopvw-8-5-3-win-x86-32sdkdemovssdw.dll
(c04.f64): Access violation - code c0000005 (first chance)
First chance exceptions are reported before any exception handling.
This exception may be expected and handled.
eax=34333231 ebx=00000d0d ecx=070bdb70 edx=00000000 esi=070bd700 edi=0001041d
eip=34333231 esp=0044e6bc ebp=070bffd8 iopl=0         nv up ei ng nz ac pe cy
cs=0023  ss=002b  ds=002b  es=002b  fs=0053  gs=002b             efl=00010297
34333231 ??              

This control puts an attacker ultimately in the position to potentially compromise an application using Oracle Outside-In Technology.

References:

[1] http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html#AppendixFMW[2] http://secunia.com/advisories/65000/[3] http://www.oracle.com/us/technologies/embedded/025613.htm

View the full article