Apple QuickTime memory corruption when loading BMP file

From http://support.apple.com/kb/HT4104:
CVE-ID: CVE-2010-0536

Impact: Opening a maliciously crafted BMP image may lead to an unexpected application termination or arbitrary code execution

Description: A memory corruption issue exists in the handling of BMP images…

Advances in heap spraying #1: when size matters.

http://skypher.com/SkyLined/heap_spray/small_heap_spray_generator.html

I’ve created a heap-spray generator…

Memory corruption when loading/unloading Adobe objects through EMBED tag in Firefox

(a.k.a. CVE-2009-2983)

Adobe fixed a bug in various COM objects. Loading and unloading these objects in a webpage in Firefox allows memory corruption, which can be exploited to execute arbitrary code…

Cross browser parallel asynchronous XMLHttpRequests with timeout.

AsyncXMLHttpRequest is an extension of XMLHttpRequest with the following improvements:

Uniform behavior on multiple different browsers (Apple Safari, Google Chrome, Microsoft Internet Explorer, Mozilla Firefox and Opera).
Event handlers are called with the AsyncXMLHttpRequest object to which they apply as the first argument…

Security contacts

I’ve created a table with contact information for security teams for major software vendors. I’m hoping you’ll find the information useful when you’re trying to report a vulnerability…

JavaScript stack trace

I’ve created an example script that outputs a stack dump in JavaScript. It shows all the functions that have been called, their arguments and the values of these arguments. I find it to be very useful while writing complex JavaScripts – I use it in asserts and error handlers to find out why things go wrong quickly…

Google Enhancements

I’ve updated my userscripts for Google with Greasemonkey.

Google Instant Type

I added the Classic homepage to the list where it should add the buttons…

iGoogle enhancement

I was talking to Skylined about greasemonkey and my language enhancement of the results of Google, when we came up with another one, dubbed: Instant Search Type.

This new script removes the “I’m feeling Lucky” button and adds an Images and a Maps button…

Google Language Change

Recently I discovered Greasemonkey through the lifehacker website.
After its possibilities sank in, I figured out one of my main frustrations: Google. In particular, its language settings…