Security Research

Advisories

Bug Title	CVE/Ref	Vendor/Software	Date
Hacking an altcoin node for ̶f̶u̶n̶ ̶a̶n̶d̶ profit	N/A	WarCon III - Warsaw	June 2018
SQL Injection Information Disclosure	ZDI-CAN-4409	Trend Micro SafeSync for Enterprise	Mar 2017
SQL Injection Remote Code Execution	ZDI-CAN-4642/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4643/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4644/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4645/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4646/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4647/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4648/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4649/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4650/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4651/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4652/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4653/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4654/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4656/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4657/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4658/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4659/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4660/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4661/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4662/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4663/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4664/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4665/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4666/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4667/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4668/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4670/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4672/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4676/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4678/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4680/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4682/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4685/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4686/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4687/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4688/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4690/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4691/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4692/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4693/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
Unrestricted File Upload Remote Code Execution	ZDI-CAN-4780/CVE-2017-14079	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4781/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4782/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4783/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
Unrestricted File Upload Remote Code Execution	ZDI-CAN-4784/CVE-2017-14079	Trend Micro Mobile Security for Enterprise	Sep 2017
Unrestricted File Upload Remote Code Execution	ZDI-CAN-4785/CVE-2017-14079	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4786/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4786/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4788/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4790/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4791/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4792/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4793/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4794/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4796/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4797/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4801/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4803/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4804/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
Unrestricted File Upload Remote Code Execution	ZDI-CAN-4805/CVE-2017-14079	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4806/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4679/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
SQL Injection Remote Code Execution	ZDI-CAN-4683/CVE-2017-14078	Trend Micro Mobile Security for Enterprise	Sep 2017
Remote Agent Configuration Settings Information Disclosure	ZDI-CAN-4283	Trend Micro Data Loss Prevention Management Server <= 5.6	Apr 2017
dlpCrawlerServerInvoker Deserialization of Untrusted Data	ZDI-CAN-4284	Trend Micro Data Loss Prevention Management Server <= 5.6	Apr 2017
listLogDatas SQL Injection	ZDI-CAN-4141	Trend Micro Data Loss Prevention Management Server <= 5.6	Apr 2017
listEndPointDocScanResultLIs SQL Injection	ZDI-CAN-4142	Trend Micro Data Loss Prevention Management Server <= 5.6	Apr 2017
listReportDatas SQL Injection	ZDI-CAN-4143	Trend Micro Data Loss Prevention Management Server <= 5.6	Apr 2017
listRoleDatas SQL Injection	ZDI-CAN-4144	Trend Micro Data Loss Prevention Management Server <= 5.6	Apr 2017
getSourceAcquisitionHistory SQL Injection	ZDI-CAN-4145	Trend Micro Data Loss Prevention Management Server <= 5.6	Apr 2017
listFingerprints SQL Injection	ZDI-CAN-4131	Trend Micro Data Loss Prevention Management Server <= 5.6	Apr 2017
listReportDefs SQL Injection	ZDI-CAN-4133	Trend Micro Data Loss Prevention Management Server <= 5.6	Apr 2017
listEndpoints SQL Injection	ZDI-CAN-4134	Trend Micro Data Loss Prevention Management Server <= 5.6	Apr 2017
listEntities SQL Injection	ZDI-CAN-4136	Trend Micro Data Loss Prevention Management Server <= 5.6	Apr 2017
listKeywords SQL Injection	ZDI-CAN-4137	Trend Micro Data Loss Prevention Management Server <= 5.6	Apr 2017
fileAttribList SQL Injection	ZDI-CAN-4146	Trend Micro Data Loss Prevention Management Server <= 5.6	Apr 2017
importComplianceTemplate XXE Processing File Disclosure	ZDI-CAN-4138	Trend Micro Data Loss Prevention Management Server <= 5.6	Apr 2017
dataManagementList Remote File Delete DoS	ZDI-CAN-4120	Trend Micro Data Loss Prevention Management Server <= 5.6	Apr 2017
exportdatatojsp Directory Trevrsal File Disclosure	ZDI-CAN-4119	Trend Micro Data Loss Prevention Management Server <= 5.6	Apr 2017
Session Generation Authentication Bypass	CVE-2016-8584	Trend Micro Threat Discovery Appliance <= 2.6.1062r1	Apr 2017
Directory Traversal Authentication Bypass	CVE-2016-7552	Trend Micro Threat Discovery Appliance <= 2.6.1062r1	Apr 2017
Command Injection Remote Code Execution	CVE-2016-8586	Trend Micro Threat Discovery Appliance <= 2.6.1062r1	Apr 2017
Information Disclosure	CVE-2016-7547	Trend Micro Threat Discovery Appliance <= 2.6.1062r1	Apr 2017
Command Injection Remote Code Execution	CVE-2016-8585	Trend Micro Threat Discovery Appliance <= 2.6.1062r1	Apr 2017
dlp_policy_upload.cgi Remote Code Execution	CVE-2016-8587	Trend Micro Threat Discovery Appliance <= 2.6.1062r1	Apr 2017
hotfix_upload.cgi Command Injection Remote Code Execution	CVE-2016-8588	Trend Micro Threat Discovery Appliance <= 2.6.1062r1	Apr 2017
log_query_dlp.cgi Command Injection Remote Code Execution	CVE-2016-8589	Trend Micro Threat Discovery Appliance <= 2.6.1062r1	Apr 2017
log_query_dae.cgi Command Injection Remote Code Execution	CVE-2016-8590	Trend Micro Threat Discovery Appliance <= 2.6.1062r1	Apr 2017
log_query.cgi Command Injection Remote Code Execution	CVE-2016-8591	Trend Micro Threat Discovery Appliance <= 2.6.1062r1	Apr 2017
log_query_system.cgi Command Injection Remote Code Execution	CVE-2016-8592	Trend Micro Threat Discovery Appliance <= 2.6.1062r1	Apr 2017
upload.cgi Remote Code Execution Vulnerability	CVE-2016-8593	Trend Micro Threat Discovery Appliance <= 2.6.1062r1	Apr 2017
Reflected Cross Site Scripting	CVE-2017-5599	eClinicalWorks Patient Portal 7.0 build 13	Jan 2017
SQL Injection	CVE-2017-5598	eClinicalWorks healow@work 8.0 build 8	Jan 2017
SQL Injection	CVE-2017-5570	eClinicalWorks Patient Portal 7.0 build 13	Jan 2017
SQL Injection	CVE-2017-5569	eClinicalWorks Patient Portal 7.0 build 13	Jan 2017
UXSS	CVE-2016-8011	McAfee Endpoint Security 10.2 and SiteAdvisor Enterprise 3.5	Dec 2016
Unauthenticated Remote Code Execution	CVE-2016-9796	Alcatel Lucent Omnivista 8770 2.0, 2.6, 3.0 and 3.1	Dec 2016
Privilege Escalation	CVE-2016-2246	HP ThinPro 4.4, 5.0, 5.1, 5.2, 5.2.1, 6.0, 6.1	Oct 2016
PDF Library Information Disclosure	CVE-2016-3374	Microsoft Windows 8.1, Windows Server 2012, Windows RT 8.1, Windows Server 2012 R2, and Windows 10	Oct 2016
Predictable Session	CVE-2015-3326	Trend Micro SMEX 10 SP2	May 2016
ReDoS	CVE-2015-2526	Microsoft .NET Framework 4.5, 4.5.1, 4.5.2 and 4.6	September 2015
External JAR Injection	CVE-2015-2630	Oracle e-Business Suite 11.5.10.2, 12.0.6, 12.1.3	July 2015
Multiple Vulnerabilities	CVE-2015-2159 / CVE-2015-2160 / CVE-2015-2161 / CVE-2015-2162 / CVE-2015-2163 / CVE-2015-2164 / CVE-2015-2240	FootPrints Service Core 11.0, 11.1, 11.6, 11.5	May 2015
Root shell access - Kiosk Bypass	n/a	HP Thin Pro OS - T6X44017	Apr 2015
Remote Code Execution and multiple vulnerabilities	CVE-2014-5287/5288	Kemp Load Master (load balancer) v.7.1-16	Apr 2015
Multiple vulnerabilities	CVE-2014-0844, CVE-2014-0845 and CVE-2014-0846	IBM Rational Doors Next Generation, Composer and Requirements	Feb 2014
Reflected Cross Site Scripting	CVE-2013-6956	Juniper - Junos Pulse Secure Access Service - SA700, SA2000, SA2500, SA4000, FIPS SA4000, SA4500, FIPS SA4500, SA6000, FIPS SA6000, SA6500, FIPS SA6500, MAG2600, MAG4610, MAG6610, and MAG6611	Apr 2014
Multiple vulnerabilities	CVE-2014-0844, CVE-2014-0845 and CVE-2014-0846	IBM Rational Doors Next Generation, Composer and Requirements	Feb 2014
WAF Bypass	n/a	Barracuda Web Application Firewall	Oct 2013
Multiple Reflected XSS, 2	ESRI - ArcGIS for Server 10.1, 10.2	Sep 2013
Unrestricted File Upload	CVE-2013-5221	ESRI - ArcGIS for Server 10.1, 10.2	Sep 2013
Cross Context Scripting (XCS) - about:history - Remote Code Execution	TBA	Maxthon	Dec 2012
Cross Context Scripting (XCS) - RSS - Remote Code Execution	TBA	Maxthon	Dec 2012
Privileged API Available On i.maxthon.com	TBA	Maxthon	Dec 2012
Cross Context Scripting (XCS) - Bookmark Toolbar and Bookmark Sidebar	TBA	Maxthon	Dec 2012
Incorrect Executable File Handling and Same Origin Policy Implementation	TBA	Maxthon	Dec 2012
Same of Origin Policy Bypass - browser:home	TBA	Avant Browser	Dec 2012
Cross Context Scripting - browser:home - Most Visited And History Tabs	TBA	Avant Browser	Dec 2012
Avant Browser - Stored Cross Site Scripting - Feed Reader (browser://localhost/lst?*)	TBA	Avant Browser	Dec 2012
CSRF	2012-0550	Oracle GlassFish Server	Apr 2012
Multiple Cross Site Scripting	2012-0551	Oracle GlassFish Server	Apr 2012
Use After Free	2011-4152	Opera	Oct 2011
DOM Cross Site Scripting	2011-2133	Adobe RoboHelp 9	Aug 2011
ParanoidFragmentSink allows javascript: URLs in chrome documents	pdf (section 2.8)	2010-1585	Mozilla Firefox / Thunderbird	Mar 2011
Session Fixation	2010-4437	Oracle WebLogic Server	Mar 2011
Multiple Cross Site Scripting Vulnerabilities	2010-2406	Oracle eBusiness Application	Oct 2010
HTTP Response Splitting	2010-3514	Oracle Sun Java System Web Server	Oct 2010
SOP Bypass	2010-3573	Oracle JRE java.net.URLConnection	Oct 2010
XML Entity and XML Injections	2009-3960	Multiple Adobe Products	Feb 2010
Chrome Privilege Code Execution		Update Scanner	Aug 2009
Chrome Privilege Code Execution		Coolpreviews	Aug 2009
Stored Cross Site Scripting	2008-4725	Opera	Oct 2008
Stored Cross Site Scripting		Google Analytics	Oct 2008
Local File Disclosure	2008-2045	SugarCRM	Apr 2008
Reflected Cross Site Scripting		DotNetNuke	Aug 2006

Presentations

Presentation	Download	Conferences	Date
I Got 99 Trends and a # is All of Them! How We Found Over 100 RCE Vulnerabilities in Trend Micro Software	pdf slideshare	Hack In The Box 2017 Amsterdam	April 2017
Augmented Reality in your web proxy	slideshare	HackPra Allstars - OWASP App Sec EU 2013 (Hamburg)	August 2013
Cross Context Scripting attacks and exploitation	slideshare	HackPra (Ruhr-Universität Bochum)	November 2012
Window Shopping: Browser Bug Hunting in 2012	pdf . slideshare	Hack In the Box 2012 (Amsterdam)	May 2012
Bridging The Gap: Security and software testing	pdf . slideshare	ANZTB Test Conference 2011 (Auckland)	Mar 2010
Defending Against Application Level DoS Attacks	pdf . slideshare	OWASP New Zealand Day 2010 (Auckland)	Jul 2010
Exploiting Firefox Extensions	pdf . slideshare . video	OWASP AppSec Asia & SecurityByte 2009 (Gurgaon, IN) DEFCON 17 (Las Vegas, US) EUSecWest 2009 (London, UK)	Nov 2009
Reversing JavaScript	zip . slideshare	OWASP New Zealand Chapter	Mar 2009
None More Black: The Dark Side of SEO	pdf . slideshare	Ruxcon 2008 (Sydney, AU) Kiwicon II (Wellington, NZ)	Oct 2008
Browser Security	ppt . slideshare	OWASP New Zealand Chapter	Sep 2008
Black Energy 1.8 - Russian botnet package analysis	ppt . slideshare	Hack In The Bush (Internal Training)	May 2008
Web Spam Techniques	ppt . slideshare	OWASP New Zealand Chapter	Apr 2008
XPath Injection	ppt . slideshare	OWASP New Zealand Chapter	Feb 2008
Ajax Security	ppt . slideshare	OWASP New Zealand Chapter	Dec 2007

White Papers

White Paper Title	Download	Date
Leveraging XSRF with Apache "Compatibility with older browser" feature and Java Applet	pdf	Oct 2010
Cross Context Scripting with Firefox	pdf	Apr 2010
Exploiting Cross Context Scripting Vulnerabilities	pdf	Apr 2010

Minor tools

Tool	Download	Date
BurpCSJ extension for Burp Pro web proxy	github	Aug 2013
sed v0.2 - Search Engine De-optimisation page	zip	Nov 2008
specialK - simple web folder scanner written in Perl	zip	Jul 2008

malerisch.net

Search This Blog

Security Research

Advisories

Presentations

White Papers

Minor tools

Popular posts from this blog

TrendMicro ScanMail for Microsoft Exchange (SMEX) predictable session token - CVE-2015-3326

Alcatel Lucent Omnivista or: How I learned GIOP and gained Unauthenticated Remote Code Execution (CVE-2016-9796)

Microsoft .NET MVC ReDoS (Denial of Service) Vulnerability - CVE-2015-2526 (MS15-101)