Security Research

Advisories

Bug Title CVE/Ref Vendor/Software Date
Remote Agent Configuration Settings Information Disclosure ZDI-CAN-4283 Trend Micro Data Loss Prevention Management Server <= 5.6 Apr 2017
dlpCrawlerServerInvoker Deserialization of Untrusted Data ZDI-CAN-4284 Trend Micro Data Loss Prevention Management Server <= 5.6 Apr 2017
listLogDatas SQL Injection ZDI-CAN-4141 Trend Micro Data Loss Prevention Management Server <= 5.6 Apr 2017
listEndPointDocScanResultLIs SQL Injection ZDI-CAN-4142 Trend Micro Data Loss Prevention Management Server <= 5.6 Apr 2017
listReportDatas SQL Injection ZDI-CAN-4143 Trend Micro Data Loss Prevention Management Server <= 5.6 Apr 2017
listRoleDatas SQL Injection ZDI-CAN-4144 Trend Micro Data Loss Prevention Management Server <= 5.6 Apr 2017
getSourceAcquisitionHistory SQL Injection ZDI-CAN-4145 Trend Micro Data Loss Prevention Management Server <= 5.6 Apr 2017
listFingerprints SQL Injection ZDI-CAN-4131 Trend Micro Data Loss Prevention Management Server <= 5.6 Apr 2017
listReportDefs SQL Injection ZDI-CAN-4133 Trend Micro Data Loss Prevention Management Server <= 5.6 Apr 2017
listEndpoints SQL Injection ZDI-CAN-4134 Trend Micro Data Loss Prevention Management Server <= 5.6 Apr 2017
listEntities SQL Injection ZDI-CAN-4136 Trend Micro Data Loss Prevention Management Server <= 5.6 Apr 2017
listKeywords SQL Injection ZDI-CAN-4137 Trend Micro Data Loss Prevention Management Server <= 5.6 Apr 2017
fileAttribList SQL Injection ZDI-CAN-4146 Trend Micro Data Loss Prevention Management Server <= 5.6 Apr 2017
importComplianceTemplate XXE Processing File Disclosure ZDI-CAN-4138 Trend Micro Data Loss Prevention Management Server <= 5.6 Apr 2017
dataManagementList Remote File Delete DoS ZDI-CAN-4120 Trend Micro Data Loss Prevention Management Server <= 5.6 Apr 2017
exportdatatojsp Directory Trevrsal File Disclosure ZDI-CAN-4119 Trend Micro Data Loss Prevention Management Server <= 5.6 Apr 2017
Session Generation Authentication Bypass CVE-2016-8584 Trend Micro Threat Discovery Appliance <= 2.6.1062r1 Apr 2017
Directory Traversal Authentication Bypass CVE-2016-7552 Trend Micro Threat Discovery Appliance <= 2.6.1062r1 Apr 2017
Command Injection Remote Code Execution CVE-2016-8586 Trend Micro Threat Discovery Appliance <= 2.6.1062r1 Apr 2017
Information Disclosure CVE-2016-7547 Trend Micro Threat Discovery Appliance <= 2.6.1062r1 Apr 2017
Command Injection Remote Code Execution CVE-2016-8585 Trend Micro Threat Discovery Appliance <= 2.6.1062r1 Apr 2017
dlp_policy_upload.cgi Remote Code Execution CVE-2016-8587 Trend Micro Threat Discovery Appliance <= 2.6.1062r1 Apr 2017
hotfix_upload.cgi Command Injection Remote Code Execution CVE-2016-8588 Trend Micro Threat Discovery Appliance <= 2.6.1062r1 Apr 2017
log_query_dlp.cgi Command Injection Remote Code Execution CVE-2016-8589 Trend Micro Threat Discovery Appliance <= 2.6.1062r1 Apr 2017
log_query_dae.cgi Command Injection Remote Code Execution CVE-2016-8590 Trend Micro Threat Discovery Appliance <= 2.6.1062r1 Apr 2017
log_query.cgi Command Injection Remote Code Execution CVE-2016-8591 Trend Micro Threat Discovery Appliance <= 2.6.1062r1 Apr 2017
log_query_system.cgi Command Injection Remote Code Execution CVE-2016-8592 Trend Micro Threat Discovery Appliance <= 2.6.1062r1 Apr 2017
upload.cgi Remote Code Execution Vulnerability CVE-2016-8593 Trend Micro Threat Discovery Appliance <= 2.6.1062r1 Apr 2017
Reflected Cross Site Scripting CVE-2017-5599 eClinicalWorks Patient Portal 7.0 build 13 Jan 2017
SQL Injection CVE-2017-5598 eClinicalWorks healow@work 8.0 build 8 Jan 2017
SQL Injection CVE-2017-5570 eClinicalWorks Patient Portal 7.0 build 13 Jan 2017
SQL Injection CVE-2017-5569 eClinicalWorks Patient Portal 7.0 build 13 Jan 2017
UXSS CVE-2016-8011 McAfee Endpoint Security 10.2 and SiteAdvisor Enterprise 3.5 Dec 2016
Unauthenticated Remote Code Execution CVE-2016-9796 Alcatel Lucent Omnivista 8770 2.0, 2.6, 3.0 and 3.1 Dec 2016
Privilege Escalation CVE-2016-2246 HP ThinPro 4.4, 5.0, 5.1, 5.2, 5.2.1, 6.0, 6.1 Oct 2016
PDF Library Information Disclosure CVE-2016-3374 Microsoft Windows 8.1, Windows Server 2012, Windows RT 8.1, Windows Server 2012 R2, and Windows 10 Oct 2016
Predictable Session CVE-2015-3326 Trend Micro SMEX 10 SP2 May 2016
ReDoS CVE-2015-2526 .NET Framework 4.5, 4.5.1, 4.5.2 and 4.6 September 2015
External JAR Injection CVE-2015-2630 Oracle e-Business Suite 11.5.10.2, 12.0.6, 12.1.3 July 2015
Multiple Vulnerabilities CVE-2015-2159 / CVE-2015-2160 / CVE-2015-2161 / CVE-2015-2162 / CVE-2015-2163 / CVE-2015-2164 / CVE-2015-2240 FootPrints Service Core 11.0, 11.1, 11.6, 11.5 May 2015
Root shell access - Kiosk Bypass n/a HP Thin Pro OS - T6X44017 Apr 2015
Remote Code Execution and multiple vulnerabilities CVE-2014-5287/5288 Kemp Load Master (load balancer) v.7.1-16 Apr 2015
Multiple vulnerabilities CVE-2014-0844, CVE-2014-0845 and CVE-2014-0846 IBM Rational Doors Next Generation, Composer and Requirements Feb 2014
Reflected Cross Site Scripting CVE-2013-6956 Juniper - Junos Pulse Secure Access Service - SA700, SA2000, SA2500, SA4000, FIPS SA4000, SA4500, FIPS SA4500, SA6000, FIPS SA6000, SA6500, FIPS SA6500, MAG2600, MAG4610, MAG6610, and MAG6611 Apr 2014
Multiple vulnerabilities CVE-2014-0844, CVE-2014-0845 and CVE-2014-0846 IBM Rational Doors Next Generation, Composer and Requirements Feb 2014
WAF Bypass n/a Barracuda Web Application Firewall Oct 2013
Multiple Reflected XSS, 2 ESRI - ArcGIS for Server 10.1, 10.2 Sep 2013
Unrestricted File Upload CVE-2013-5221 ESRI - ArcGIS for Server 10.1, 10.2 Sep 2013
Cross Context Scripting (XCS) - about:history - Remote Code Execution TBA Maxthon Dec 2012
Cross Context Scripting (XCS) - RSS - Remote Code Execution TBA Maxthon Dec 2012
Privileged API Available On i.maxthon.com TBA Maxthon Dec 2012
Cross Context Scripting (XCS) - Bookmark Toolbar and Bookmark Sidebar TBA Maxthon Dec 2012
Incorrect Executable File Handling and Same Origin Policy Implementation TBA Maxthon Dec 2012
Same of Origin Policy Bypass - browser:home TBA Avant Browser Dec 2012
Cross Context Scripting - browser:home - Most Visited And History Tabs TBA Avant Browser Dec 2012
Avant Browser - Stored Cross Site Scripting - Feed Reader (browser://localhost/lst?*) TBA Avant Browser Dec 2012
CSRF 2012-0550 Oracle GlassFish Server Apr 2012
Multiple Cross Site Scripting 2012-0551 Oracle GlassFish Server Apr 2012
Use After Free 2011-4152 Opera Oct 2011
DOM Cross Site Scripting 2011-2133 Adobe RoboHelp 9 Aug 2011
ParanoidFragmentSink allows javascript: URLs in chrome documents pdf (section 2.8) 2010-1585 Mozilla Firefox / Thunderbird Mar 2011
Session Fixation 2010-4437 Oracle WebLogic Server Mar 2011
Multiple Cross Site Scripting Vulnerabilities 2010-2406 Oracle eBusiness Application Oct 2010
HTTP Response Splitting 2010-3514 Oracle Sun Java System Web Server Oct 2010
SOP Bypass 2010-3573 Oracle JRE java.net.URLConnection Oct 2010
XML Entity and XML Injections 2009-3960 Multiple Adobe Products Feb 2010
Chrome Privilege Code Execution Update Scanner Aug 2009
Chrome Privilege Code Execution Coolpreviews Aug 2009
Stored Cross Site Scripting 2008-4725 Opera Oct 2008
Stored Cross Site Scripting Google Analytics Oct 2008
Local File Disclosure 2008-2045 SugarCRM Apr 2008
Reflected Cross Site Scripting DotNetNuke Aug 2006

Presentations

Presentation Download Conferences Date
I Got 99 Trends and a # is All of Them! How We Found Over 100 RCE Vulnerabilities in Trend Micro Software pdf slideshare Hack In The Box 2017 Amsterdam April 2017
Augmented Reality in your web proxy slideshare HackPra Allstars - OWASP App Sec EU 2013 (Hamburg) August 2013
Cross Context Scripting attacks and exploitation slideshare HackPra (Ruhr-Universit├Ąt Bochum) November 2012
Window Shopping: Browser Bug Hunting in 2012 pdf . slideshare Hack In the Box 2012 (Amsterdam) May 2012
Bridging The Gap: Security and software testing pdf . slideshare ANZTB Test Conference 2011 (Auckland) Mar 2010
Defending Against Application Level DoS Attacks pdf . slideshare OWASP New Zealand Day 2010 (Auckland) Jul 2010
Exploiting Firefox Extensions pdf . slideshare . video OWASP AppSec Asia & SecurityByte 2009 (Gurgaon, IN)

DEFCON 17 (Las Vegas, US)

EUSecWest 2009 (London, UK)
Nov 2009
Reversing JavaScript zip . slideshare OWASP New Zealand Chapter Mar 2009
None More Black: The Dark Side of SEO pdf . slideshare Ruxcon 2008 (Sydney, AU)

Kiwicon II (Wellington, NZ)
Oct 2008
Browser Security ppt . slideshare OWASP New Zealand Chapter Sep 2008
Black Energy 1.8 - Russian botnet package analysis ppt . slideshare Hack In The Bush (Internal Training) May 2008
Web Spam Techniques ppt . slideshare OWASP New Zealand Chapter Apr 2008
XPath Injection ppt . slideshare OWASP New Zealand Chapter Feb 2008
Ajax Security ppt . slideshare OWASP New Zealand Chapter Dec 2007

White Papers

White Paper Title Download Date
Leveraging XSRF with Apache "Compatibility with older browser" feature and Java Applet pdf Oct 2010
Cross Context Scripting with Firefox pdf Apr 2010
Exploiting Cross Context Scripting Vulnerabilities pdf Apr 2010

Minor tools

Tool Download Date
BurpCSJ extension for Burp Pro web proxy github Aug 2013
sed v0.2 - Search Engine De-optimisation page zip Nov 2008
specialK - simple web folder scanner written in Perl zip Jul 2008