Showing 1 - 5 of 5

Files from Damian Frizza

First Active	2008-01-28
Last Active	2010-03-09

Core Security Technologies Advisory 2009.1103: Posted Mar 9, 2010; Authored by Core Security Technologies, Damian Frizza | Site coresecurity.com; Core Security Technologies Advisory - A memory corruption occurs on Microsoft Office Excel 2002 when parsing a .XLS file with a malformed DbOrParamQry record. This vulnerability could be used by a remote attacker to execute arbitrary code in the context of the currently logged on user, by enticing the user to open a specially crafted file.; tags | advisory, remote, arbitrary; advisories | CVE-2010-0264; SHA-256 | 7467a687c181b918d29055d813fdff2b35ff940ae1ff53bb67f0cc1fd65c64a0; Download | Favorite | View

Core Security Technologies Advisory 2009.0813: Posted Mar 9, 2010; Authored by Core Security Technologies, Damian Frizza | Site coresecurity.com; Core Security Technologies Advisory - A vulnerability was found in Windows Movie Maker and Microsoft Producer, which can be triggered by a remote attacker by sending a specially crafted file and enticing the user to open it. This vulnerability results in a write access violation and can lead to remote code execution.; tags | advisory, remote, code execution; systems | windows; advisories | CVE-2010-0265; SHA-256 | 3ec9f74a6f8a7195243bbca53f5c261bb5ca7143376fade47aec9053e7b0c338; Download | Favorite | View

Core Security Technologies Advisory 2009.0827: Posted Feb 9, 2010; Authored by Core Security Technologies, Damian Frizza | Site coresecurity.com; Core Security Technologies Advisory - A vulnerability exists in MSO.DLL affecting Excel 9 (Office 2000) and Excel 10 (Office XP) in the code responsible for parsing OfficeArtSpgr (recType 0xF003) containers that allows an attacker to cause a class pointer to be interpreted incorrectly, leading to code execution in the context of the currently logged on user.; tags | advisory, code execution; advisories | CVE-2010-0243; SHA-256 | d40c00bfca38691caa302cc240a65cfb4055b89ee51b20a1b18ce6051b11c60e; Download | Favorite | View

Core Security Technologies Advisory 2007.1218: Posted Feb 4, 2008; Authored by Core Security Technologies, Damian Frizza, Alfredo Ortego | Site coresecurity.com; Core Security Technologies Advisory - The MPlayer package is vulnerable to a buffer overflow attack, which can be exploited by malicious remote attackers. The vulnerability is due to MPlayer not properly sanitizing certain tags on a FLAC file before using them to index an array on the stack. This can be exploited to execute arbitrary commands by opening a specially crafted file.; tags | advisory, remote, overflow, arbitrary; advisories | CVE-2008-0486; SHA-256 | 4f26f825d9d87a14dfee920c490ae23831e4808a1935ecb75aa6972cd2fc2274; Download | Favorite | View

Core Security Technologies Advisory 2007.1219: Posted Jan 28, 2008; Authored by Core Security Technologies, Alfredo Ortega, Damian Frizza | Site coresecurity.com; Core Security Technologies Advisory - The Firebird database manager contains an integer overflow in the processing of certain tags on the XDR protocol used for communication with the server. Version vulnerable include Firebird SQL 1.0.3 and before, 1.5.5 and before, 2.0.3 and before, and 2.1.0 Beta 2 and before.; tags | exploit, overflow, protocol; advisories | CVE-2008-0387; SHA-256 | 049362d5b2e4e09658272b9a1503df66c276926189db05c55ad7bfdb78bb1d0c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days