Showing 1 - 7 of 7

Files from Byron Jones

First Active	2012-04-19
Last Active	2015-09-10

Bugzilla Unauthorized Account Creation: Posted Sep 10, 2015; Authored by Frederic Buclin, Byron Jones, Netanel Rubin | Site bugzilla.org; Bugzilla versions 2.0 to 4.2.14, 4.3.1 to 4.4.9, and 4.5.1 to 5.0 suffer from an unauthorized account creation vulnerability.; tags | advisory; advisories | CVE-2015-4499; SHA-256 | 9b1272725e4045835294ef9f644a6664c5657f9a14374d95b6685f5bdc61cc69; Download | Favorite | View

Bugzilla Account Creation / XSS / Information Leak: Posted Oct 7, 2014; Authored by Frederic Buclin, Byron Jones, David Lawrence, Netanel Rubin, Simon Green, James Kettle, Matt Tyson | Site bugzilla.org; Bugzilla Security Advisory - Bugzilla versions 2.23.3 to 4.0.14, 4.1.1 to 4.2.10, 4.3.1 to 4.4.5, and 4.5.1 to 4.5.5 suffer from unauthorized account creation, cross site scripting, and information leak vulnerabilities.; tags | advisory, vulnerability, xss, info disclosure; advisories | CVE-2014-1571, CVE-2014-1572, CVE-2014-1573; SHA-256 | 0d0e7c27532f6562403faf6ddb1249c6fce16ba6525feadfe7c92217191a6748; Download | Favorite | View

Bugzilla 3.x / 4.x Cross Site Request Forgery: Posted Jul 25, 2014; Authored by Mario Gomes, Byron Jones, Reed Loden, Simon Green | Site bugzilla.org; Bugzilla Security Advisory - Bugzilla versions 3.7.1 to 4.0.13, 4.1.1 to 4.2.9, 4.3.1 to 4.4.4, and 4.5.1 to 4.5.4 suffer from a cross site request forgery vulnerability.; tags | advisory, csrf; advisories | CVE-2014-1546; SHA-256 | cd0337a3196b87e65a4382c3d46665e5a07957324bbe8fa092ed144b51893ab0; Download | Favorite | View

Bugzilla Cross Site Request Forgery / Social Engineering: Posted Apr 21, 2014; Authored by Frederic Buclin, Byron Jones, Reed Loden, David Lawrence, Manish Goregaokar | Site bugzilla.org; Bugzilla Security Advisory - Bugzilla versions 2.0 through 4.4.2 and 4.5.1 through 4.5.2 suffer from a cross site request forgery vulnerability. Bugzilla versions 2.0 through 4.0.11, 4.1.1 through 4.2.7, 4.3.1 through 4.4.2, and 4.5.1 through 4.5.2 suffer from a social engineering vulnerability.; tags | advisory, csrf; advisories | CVE-2014-1517; SHA-256 | e3f8c68b0a1bbdf0fb518956a6f0baea7892e0d7d30f6fb5905d155c12849c5b; Download | Favorite | View

Bugzilla LDAP Injection / Directory Browsing: Posted Aug 31, 2012; Authored by Frederic Buclin, Byron Jones, Reed Loden | Site bugzilla.org; Bugzilla Security Advisory - When the user logs in using LDAP, the username is not escaped before being passed to LDAP which could potentially lead to LDAP injection. Extensions are not protected against directory browsing by default and users can view the source code of templates used by the extensions. These templates may contain sensitive data.; tags | advisory; advisories | CVE-2012-3981; SHA-256 | a5d9eb97d8ed5caaa5684888b740b5cecb254605b98dce901b0bd2362f639636; Download | Favorite | View

Bugzilla Information Leaks: Posted Jul 28, 2012; Authored by Frederic Buclin, Byron Jones | Site bugzilla.org; Bugzilla Security Advisory - Bugzilla versions 4.1.1 to 4.2.1, 4.3.1 suffer from a permission trust vulnerability. Bugzilla versions 2.17.5 to 3.6.9, 3.7.1 to 4.0.6, 4.1.1 to 4.2.1, 4.3.1 leak the description of a private attachment.; tags | advisory, info disclosure; advisories | CVE-2012-1968, CVE-2012-1969; SHA-256 | ccbe41f39c39d46f4dd678d5b50b50f6b23d74222a0aadab053e8ce5c1e2b4db; Download | Favorite | View

Bugzilla Unauthorized Access / Cross Site Scripting: Posted Apr 19, 2012; Authored by Soroush Dalili, Frederic Buclin, Byron Jones | Site bugzilla.org; Bugzilla Security Advisory - Bugzilla versions 3.5.3 to 3.6.8, 3.7.1 to 4.0.5, and 4.1.1 to 4.2 suffer from an authorized access vulnerability. Bugzilla versions 2.17.4 to 3.6.8, 3.7.1 to 4.0.5, and 4.1.1 to 4.2 suffer from a cross site scripting vulnerability.; tags | advisory, xss; advisories | CVE-2012-0465, CVE-2012-0466; SHA-256 | cd5bcb16d9fc77f836d09c3e0255fb95fd2cfe29cc6147822f65c77d60475b15; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days