what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 3 of 3

Files from Mario Gomes

Bugzilla Cross Site Scripting / Information Leak

Posted Dec 23, 2015

Authored by Mario Gomes, Holger Fuhrmannek | Site bugzilla.org

Bugzilla Security Advisory - Bugzilla versions 2.x through 5.x suffer from cross site scripting and information leak vulnerabilities.

tags | advisory, vulnerability, xss

advisories | CVE-2015-8508, CVE-2015-8509

SHA-256 | db307f7a48f357ccec4e2df7650d49504073c143e214926e2c2f8d2de6b1ae54

Download | Favorite | View

Bugzilla 3.x / 4.x Cross Site Request Forgery

Posted Jul 25, 2014

Authored by Mario Gomes, Byron Jones, Reed Loden, Simon Green | Site bugzilla.org

Bugzilla Security Advisory - Bugzilla versions 3.7.1 to 4.0.13, 4.1.1 to 4.2.9, 4.3.1 to 4.4.4, and 4.5.1 to 4.5.4 suffer from a cross site request forgery vulnerability.

tags | advisory, csrf

advisories | CVE-2014-1546

SHA-256 | cd0337a3196b87e65a4382c3d46665e5a07957324bbe8fa092ed144b51893ab0

Download | Favorite | View

Google Chrome PDF File Handling Memory Corruption

Posted Oct 4, 2011

Authored by Mario Gomes

Google Chrome versions prior to 14.0.835.163 suffer from a PDF file handling memory corruption vulnerability. Full advisory and proof of concept pdf and code included.

tags | exploit, proof of concept

systems | linux

advisories | CVE-2011-2841

SHA-256 | b3db699edc360a409cb1d6e4bdda4381612b67400739cb96b43d3f489944da1a

Download | Favorite | View