exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 3 of 3

Files from Juraj Somorovsky

Open-Xchange OX Guard Cross Site Scripting / Signature Validation

Posted Aug 16, 2019

Authored by Hanno Boeck, Juraj Somorovsky, Martin Heiland, Jorg Schwenk, Sebastian Schinzel, Damian Poddebniak, Jens Muller, Marcus Brinkmann

Open-Xchange OX Guard versions 7.10.2 and below suffer from a cross site scripting vulnerability. Open-Xchange OX Guard versions 7.10.1 and below, 2.10.2 and below suffer from a signature validation vulnerability.

tags | exploit, xss

advisories | CVE-2018-9997, CVE-2019-11521

SHA-256 | ea4821effec5ebd51f45bdf732d362fc22eb10a99a7363c2441cceeedc97dfae

Download | Favorite | View

Johnny You Are Fired

Posted May 1, 2019

Authored by Juraj Somorovsky, Jorg Schwenk, Sebastian Schinzel, Damian Poddebniak, Hanno Bock, Jens Muller, Marcus Brinkmann

This archive contains proof of concepts and a whitepaper that describes multiple email client implementations where popular clients for email are vulnerable to signature spoofing attacks.

tags | exploit, paper, spoof, proof of concept

advisories | CVE-2017-17848, CVE-2018-12019, CVE-2018-12020, CVE-2018-12356, CVE-2018-12556, CVE-2018-15586, CVE-2018-15587, CVE-2018-15588, CVE-2018-18509, CVE-2019-8338

SHA-256 | 3356c7f94ef68ddc7268602c64a93e10fbaff874992374b51f89d7cf87f71a0c

Download | Favorite | View

Apache CXF 2.5.10 / 2.6.7 / 2.7.4 Denial Of Service

Posted Jul 9, 2013

Authored by A. Falkenberg, Joerg Schwenk, Juraj Somorovsky, Christian Mainka | Site sec-consult.com

Apache CXF versions prior to 2.5.10, 2.6.7, and 2.7.4 suffer from a denial of service vulnerability.

tags | exploit, denial of service

advisories | CVE-2013-2160

SHA-256 | bd800eccaafd0f41d9a2aa6be1e7ad144231f64eaa6af3b4f06fce8a84901843

Download | Favorite | View