Just a quick writeup today, recently I uncovered an issue in the Foomatic-RIP package. The bug can be found within the "filter/foomatic-rip/util.c" source and is due to the whitelist used within the following line
Read More »Recently during a review of Sharepoint, I came across a vulnerability discovered by the Fortinet team and published on their blog. The post contained information on what a successful exploit would look like, but provided no final exploit for verification or testing. After a bit of review, I found the following POC code which, when triggered, shows a simple alert dialog box
Read More »As many of you have probably seen, last year Context published research into spreadsheet applications such as Excel which render CSV files (and their embedded formula) when opened. If you haven't, I suggest stopping and reading http://www.contextis.com/resources/blog/comma-separated-vulnerabilities/ Many web applications provide a user with an option to export data to a CSV file format, and when the data can be influenced by an attacker (registration names, analytics etc), you are facing a pot
Read More »