AmbiguityInAjaxLockdownFramework.pdf
Whitepaper entitled Ambiguity In Ajax Lockdown Framework - Unveiling Some Contradictory Facts.
verisign-redirect.txt
Verisign has various open HTTP redirect servers that may assist phishing.
CVE-2007-3816.txt
JWIG might allow context-dependent attackers to cause a denial of service via loops of references to external templates.
Ser_Insec_Bison.pdf
Whitepaper titled Binary JSON: Insecurity In Implementing Serialization.
msiepng-dos.txt
Microsoft Internet Explorer 7 is susceptible to a denial of service vulnerability when handling malicious PNG files.
google-exhaust.txt
Google Chrome versions 0.2.149.30 and 0.2.149.29 carriage return NULL object memory exhaustion denial of service proof of concept exploit.
googlesuppress-dos.txt
Google Chrome version 0.2.149.30 suffers from a window object suppression denial of service vulnerability.
firefoxderef-dos.txt
The user interface in Mozilla Firefox version 3.0.3 suffers from a null pointer dereference crash.
operasuppress-dos.txt
Opera version 9.52 suffers from a window object suppression denial of service vulnerability.
googlechrome-obfuscate.tgz
Google Chrome versions 0.2.149.30, 0.2.149.29, and 0.2.149.27 all suffer from a metacharacter URI obfuscation vulnerability. Proof of concept HTML included.
Oracle E-Business Suite Information Disclosure
Oracle E-Business Suite Release 12, version 12.0.6 and Oracle E-Business Suite Release 11i, version 11.5.10.2 both suffer from a sensitive information disclosure vulnerability.
Google Chrome Click Jacking
The Google Chrome browser versions 1.0.154.43 and below suffer from a clickjacking vulnerability.
Google Chrome 1.0.154.48 Denial Of Service
Google Chrome version 1.0.154.48 single thread alert out of bounds memory access exploit.
Evading Web XSS Filters Through Word
Whitepaper called Evading Web XSS Filters through Word (Microsoft Office and Open Office in Enterprise Web Applications).
Mozilla Firefox 3.0.8 Zero Buffer Check Memory Exhaustion / Leaking
Mozilla Firefox version 3.0.8 zero buffer check memory exhaustion and leaking proof of concept exploit.
Google Chrome 1.0.154.53 Denial Of Service
Google Chrome version 1.0.154.53 "throw exception" remote crash and denial of service exploit.
PDF JavaScript Attacks
Whitepaper called PDF Silent HTTP Form Repurposing Attacks. This paper sheds light on the modified approach to trigger web attacks through JavaScript protocol handler in the context of browser when a...
Google Docs PDF Repurposing
This document discusses cookie hijacking in Google Docs through PDF repurposing attacks. This has since been fixed by Google.
Whitepaper Called Reverse Honey Trap
Whitepaper called Reverse Honey Trap - Striking Deep Inside Online Web Antivirus Engines and Analyzers.
Microsoft Word 2003 MSO Null Pointer Dereference
A null pointer dereference vulnerability has been noticed in Microsoft Word. The exception results in the MSO.dll library failing to handle the specially crafted buffer in a file. The issue can be...