SEARCH RESULTS
 
Showing 1-5 of 5 records
1
 
Expand article

Auditing open source software

2007-10-08 16:13:00 by Panayiotis Mavrommatis in Google Online Security Blog
 
...integer overflow condition and the bypass of the size check. A subsequent additional integer overflow in the allocation of a buffer leads to a heap-based buffer overflow gunzip . In September 2006, my colleague Tavis Ormandy reported some interesting vulnerabilities in the gunzip decompressor. They were triggered when an evil compressed...
 
Tags: image, malicious image file, libtiff image, values, jpeg image, tiff header values, source, evil tiff file, evil
 
 
 
 
Expand article

Recent Symantec and IBM vulnerabilities, giblets, banned APIs and the SDL

2008-01-04 23:37:00 by sdl in The Security Development Lifecycle
 
...integer overflow it is possible to cause more than 2400 bytes to be copied from the WordPerfect file into the stack buffer. This overwrites the saved EIP and SEH, and can be exploited for arbitrary code execution Could the SDL have caught this bug? Probably, either through fuzzing, code inspection or static-analysis. All of which are SDL...
 
Tags: linker sdl requirements, sdl requirements, ibm, sdl, requirements, symantec, bugs affect ibm, bugs, sdl refers
 
 
 
 
Expand article

The Other Side of Life

2008-03-21 16:06:00 by sdl in The Security Development Lifecycle
 
...integer overflows came up, and he asked me to describe the problems and solutions. So I started writing some code on the whiteboard. After about 10 minutes of describing my approach to integer overflows, he said to me, What if I were to tell you thats a really bad solution, and the interview is over My heart sank But instead of rolling over,...
 
Tags: team, product team, engineers, security engineers, security, balance security, security professional, test managers, test
 
 
 
 
Expand article

Flash Player + Windows = Threat of SQL Injection

2008-05-29 15:59:09 by Editor in IT Security - The IT Security Industry's Web Resource
 
...integer overflow vulnerability originally discovered by Mark Dowd (CVE-2007-0071), which was patched by Adobe with release of version 9.0.124.0 of the Flash Player. While some have reported that the latest version is vulnerable, the CTU was unable to duplicate these results with samples taken from known exploit sites. The only confirmed...
 
Tags: vulnerable version, vulnerable, exploit, flash exploit, sql injection attack, integer overflow vulnerability, exploit sites, flash player, vulnerability
 
 
 
 
Expand article

EPTS: Proposed Event Processing Definitions, September 20, 2006

2008-08-21 05:47:11 by Tim Bass in The Complex Event Processing Blog
 
...integer, real, boolean or a complex data type event refinement (n.) filter, identify and track events & make initial processing decisions based on association, correlation and state estimation. Sometimes referred to as Level 1 event, or event-object, track and trace event stream (n.) a time-ordered sequence of events. An event stream may be...
 
Tags: event, event-object, business process management, process, event correlation, process refinement, simple, simple event, process events
 
 
 
 
 
Showing 1-5 of 5 records
1
 
TOP SEARCH
Expand / MinimizeClose Widget
  •  
RECENT SEARCH
Expand / Minimize
  •  
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia