Hacking/Vulnerabilities
From Skypher
Below is a list of some of the bugs I have found in various software products and reported to their vendors in 2008/2009. I try to keep this up-to-date, but I cannot guarantee that all the information is correct at all times. Because I target my research towards specific products, and this list is not guaranteed to be complete, up-to-date or correct, it should not be used in a comparison between the affected products in any way. In no way does this represent an objective state of the security of the affected software. If anything, it represents what features and products I've been focusing on most over the last year.
| Date reported | Description | Potential impact/severity | Affected software | Status |
|---|---|---|---|---|
| 2008-05-21 | "arguments" array integer overflow | EoP | Safari | Fixed Repro PoC |
| 2008-12-04 | Citrix NULL pointer | DoS | Safari | Open |
| 2008-06-12 | DOM modification stack exhaustion | DoS | WebKit | Fixed Repro |
| 2008-06-12 | DOM modification NULL ptr ReadAV | DoS | WebKit | Fixed Repro |
| 2008-08-06 | execCommand NULL ptr | DoS | WebKit | Fixed Repro |
| 2008-08-29 | Unspecified NULL ptr Read AV | DoS | WebKit | Open |
| 2008-08-27 | "DOMNodeInserted event listener" stack exhaustion | DoS | WebKit | Fixed Repro |
| 2008-09-15 | "isDefaultNamespace" NULL ptr | DoS | WebKit | Fixed Repro |
| 2008-06-12 | Unspecified stack exhaustion | DoS | WebKit | Open |
| 2008-06-12 | Unspecified NULL ptr | DoS | WebKit | Open |
| 2008-06-13 | Unspecified NULL ptr | DoS | WebKit | Open |
| 2008-06-13 | Unspecified NULL ptr | DoS | WebKit | Open |
| 2008-06-24 | Unspecified NULL ptr | DoS | WebKit | Open |
| 2008-06-24 | Unspecified NULL ptr | DoS | WebKit | Open |
| 2008-08-06 | Unspecified 100% CPU use and stack exhaustion | DoS | WebKit | Open |
| 2008-08-14 | Unspecified 100% CPU use | DoS | WebKit | Open |
| 2008-09-05 | Unspecified JavaScript issue | DoS | WebKit | Open |
| 2008-09-30 | Unspecified memory corruption | EoP | WebKit | Fixed? Fixed |
| 2008-10-09 | Bypass popup blocker | Popup | WebKit | Open |
| 2008-??-?? | 6x execCommand NULL ptr | DoS | WebKit | Not reported: expected to be fixed in ToT. |
| 2008-??-?? | Unspecified NULL ptr ReadAV | DoS | Opera | Open (238300) |
| 2008-??-?? | Unspecified NULL ptr WriteAV | DoS | Opera | Open (355565) |
| 2008-??-?? | "initUIEvent" NULL ptr ReadAV | DoS | Opera | Fixed (366181) Repro |
| 2008-??-?? | Unspecified NULL ptr ReadAV | DoS | Opera | Open (370405) |
| 2008-??-?? | Unspecified stack exhaustion | DoS | Opera | Open (370416) |
| 2008-??-?? | Unspecified memory corruption | EoP | Opera | Open (348705) |
| 2008-??-?? | Unspecified 100% CPU usage | DoS | Opera | Open (348919) |
| 2008-??-?? | "DOMNodeInserted event listener" NULL ptr ReadAV | DoS | Opera | Fixed (unknown bug number) Repro |
| 2008-??-?? | "DOMNodeInserted/DOMNodeRemoved event listener" stack exhaustion | DoS | Opera | Fixed (unknown bug number) |
| 2008-??-?? | "DOMNodeInserted event listener" NULL ptr ReadAV | DoS | Opera | Fixed (unknown bug number) |
| 2008-12-10 | Unspecified access violations | DoS | SUN Java/all browser | Open Chrome |
| 2008-10-15 | "execCommand selectall" NULL ptr ReadAV | DoS | MSIE 8.0 | Won't fix (beta) Repro |
| 2008-08-06 | "removeNode/applyElement" NULL ptr ReadAV | DoS | MSIE 6.0 | Won't fix (8450) Repro |
| 2008-08-13 | "applet" NULL ptr ReadAV | DoS | MSIE 6.0 | Won't fix (8462) Repro |
| 2008-09-15 | "screen[""]" NULL ptr ReadAV | DoS | MSIE 6.0, 7.0, 8.0 | Fixed in 8.0rc1 (MSRC 8557) Repro |
| 2008-12-04 | EMBED object memory corruption | EoP | MSIE 6.0, 7.0, 8.0 | Fixed Repro |
| 2008-12-12 | Unspecified AV | EoP? | MSIE 7.0, 8.0 | Investigating (8769) |
| 2008-06-24 | Unspecified NULL ptr | DoS | Firefox 2 | Open |
| 2008-06-24 | Unspecified NULL ptr | DoS | Firefox 2 | Open |
| 2008-06-24 | Unspecified NULL ptr | EoP? | Firefox 2 | Open |
| 2008-06-24 | Unspecified NULL ptr | EoP? | Firefox 2 | Won't fix |
| 2008-08-13 | Unspecified NULL ptr | EoP? | Firefox 2 | Open |
| 2008-09-24 | Unspecified NULL ptr | DoS | Firefox 3 | Open |
| 2008-12-04 | Unspecified memory corruption | EoP | Adobe reader/Firefox 3 | Open |
| 2008-12-04 | Unspecified memory corruption | EoP | VLC player/Firefox 3 | Partial fix |
| 2008-12-19 | XSRF, XSS, DoS, default username/password | EoP | Livebox | Open |
| 2008-12-04 | Unspecified NULL ptr | n.a. | Silverlight/Opera | Open |
| 2008-12-19 | Unspecified NULL ptr and re-use of freed memory | EoP | Safari | Open (61805755) |
| 2008-12-19 | Unspecified NULL ptr | DoS | Safari | Open |
| 2008-12-19 | Two unspecified NULL ptrs | DoS | Opera | Open (DSK-242737) |
| 2008-12-19 | Unspecified Read AV | Unknown | MSIE 7.0 | Open (8781) |
