TOCTOU | writeups.xyz

Title	Vulnerabilities	Programs	Authors
Firmware Security: Alcatel-Lucent ALE-DeskPhone	VoIP Hacking Hardware Hacking Reverse Engineering Arbitrary File Read TOCTOU Local Privilege Escalation	Alcatel-Lucent	Moritz Abrell (@Moritz_abrell)
The Nightmare of Apple's OTA Update: Bypassing the Signature Verification and Pwning the Kernel	Signature Validation Bypass TOCTOU SIP Bypass Downgrade Attack Kernel Hacking Reverse Engineering	Apple (MacOS)	Mickey Jin (@Patch1t)
Getting SYSTEM on Windows in style	RCE Local Privilege Escalation TOCTOU DLL Hijacking	Microsoft (Windows)	Sector 7 (@Sector7_nl)
CVE-2023-38146: Arbitrary Code Execution via Windows Themes	RCE TOCTOU DLL Hijacking	Microsoft (Windows)	Gabe_k
Avast Anti-Virus privileged arbitrary file create on virus restore (CVE-2023-1586)	TOCTOU Arbitrary File Write Local Privilege Escalation	Avast NortonLifeLock	Denis Skvortcov (@Denis_Skvortcov)
Escaping Parallels Desktop with Plist Injection	Local Privilege Escalation Plist Injection TOCTOU	Parallels	Kn32
Avast Anti-Virus privileged arbitrary file create on virus quarantine (CVE-2023-1585 and CVE-2023-1587)	TOCTOU NULL Pointer Dereference Arbitrary File Write Local Privilege Escalation	Avast	Denis Skvortcov (@Denis_Skvortcov)
Breaking Docker Named Pipes SYSTEMatically: Docker Desktop Privilege Escalation – Part 2	Local Privilege Escalation TOCTOU Arbitrary File Write	Docker	Eviatar Gerzi
SSRF via DNS Rebinding (CVE-2022–4096)	SSRF DNS Rebinding TOCTOU	Appsmith	Basavaraj Banakar (@Basu_banakar)

Page 1 of 1