by Julien Ahrens | Friday, November 9, 2012 | Advisory
Inshell Security Advisory
1. ADVISORY INFORMATION
Product: Zoner Photo Studio
Vendor URL: www.zoner.com
Type: Stack-based Buffer Overflow [CWE-121]
Date found: 2012-10-17
Date...
by Julien Ahrens | Friday, November 9, 2012 | Exploit
My last advisory IA42 “Zoner Photo Studio v15 Build3 (Zps.exe) Registry Value Parsing Local Buffer Overflow” looks like a general exploitable vulnerability, but it is quite interesting to exploit because there is a major memory protection in use: SafeSEH....
by Julien Ahrens | Wednesday, October 10, 2012 | Bug Bounty
Great news! A few months ago I submitted a Cross-Site Scripting Vulnerability to the official Bug Bounty program of PayPal: It was accepted, fixed, and fully paid out, and I was very excited about the nice bounty :-). Additionally this has been my first participation...
by Julien Ahrens | Sunday, September 30, 2012 | Advisory
Hamburg.de – The website of the most beautiful city in Germany, which is famous for its big port and its amazing atmosphere. Some days ago I found a Non-Persistent Cross-Site Scripting vulnerability on this website and informed the team of Hamburg.de about...
by Julien Ahrens | Sunday, September 23, 2012 | Exploit
First of all…thanks b33f from fuzzysecurity.com for your hint which helped a lot in solving the reliability issue of my last exploit 🙂 ! In my last article I wrote about a missing reliable way of executing shellcode. I received a mail from b33f about the...