Personal


Twitter
LinkedIn
Packet Storm

Blog/News


Securify - Pwning WordPress with Cross-Site Scripting
OWASP BeNeLux 2016-2 - The State of Security of WordPress (plugins) (slides)
Securify - Summer of Pwnage, one month of WordPress pwning
SecurityWeek - VMware Tools Flaw Allowed Code Execution via DLL Hijacking
The Register - And now for a lazy Fri...d'oh! Two VMware patches just landed!?
Softpedia - Summer of Pwnage Event Yields 64 Security Bugs in WordPress Core and Plugins (interview)
Securify - There's a party in OLE, and you are invited
Securify - Exploiting the Xamarin.Android DLL hijack vulnerability
SecurityWeek - Researchers Keep Finding Bugs in Google's Password Alert Extension
The Hacker News - Hacker Finds a Simple Way to Bypass Google Password Alert
PCWorld - Security researchers poke holes in Google's anti-phishing Chrome extension
Security.nl - Kat-en-muisspel rond Google Password Alert duurt voort (Dutch)
Securify - Java SE a PATH to privilege escalation
Securify - Responsible disclosure or concealed bug report?
Securify - Tales from the crypt: exploiting the .NET EncoderParameter integer overflow vulnerability
SecurityWeek - Cisco Fixes Vulnerabilities in Small Business Routers
The Hacker News - Update Adobe Reader app for Android to Patch Remote Code Execution Vulnerability
ThreatPost - Arbitrary Code Execution Bug in Android Reader
HEAT Security Blog - Got Adobe Reader on your Android device? You Had Best Update it ASAP
Computable - Adobe dicht lek in Reader for Android (Dutch)
Testnet - Security Testen nog steeds onderbelicht (Dutch)
Security.nl - Nederlander vindt gevaarlijk Windows-lek (Dutch)

/img/msrctop1002016.jpeg

Security advisories


SFY20160781 - Cross-Site Request Forgery in Insert Html Snippet WordPress Plugin
SFY20160785 - Stored Cross-Site Scripting in WP Canvas - Shortcodes WordPress Plugin
SFY20160728 - Cross-Site Scripting in All In One WP Security & Firewall WordPress Plugin
SFY20160607 - YITH WooCommerce Compare WordPress Plugin unauthenticated PHP Object injection vulnerability
SFY20160713 - Cross-Site Scripting vulnerability in Quotes Collection WordPress Plugin
SFY20160701 - Path traversal vulnerability in WordPress Core Ajax handlers
SFY20160301 - Internet Explorer iframe sandbox local file name disclosure vulnerability
SFY20160603 - Ecwid Ecommerce Shopping Cart WordPress Plugin unauthenticated PHP Object injection vulnerability
SFY20160779 - Cross-Site Scripting in Store Locator Plus for WordPress
SFY20151201 - DLL side loading vulnerability in VMware Host Guest Client Redirector
SFY20160783 - Cross-Site Scripting in Uji Countdown WordPress Plugin
SFY20160776 - Cross-Site Scripting in Activity Log WordPress Plugin
SFY20160778 - Cross-Site Scripting in Count per Day WordPress Plugin
SFY20160784 - Cross-Site Scripting in WangGuard WordPress Plugin
SFY20160775 - Cross-Site Request Forgery in ALO EasyMail Newsletter WordPress Plugin
SFY20160777 - Cross-Site Scripting in Contact Bank WordPress Plugin
SFY20160722 - Cross-Site Scripting vulnerability in ColorWay WordPress Theme
SFY20160707 - Multiple SQL injection vulnerabilities in WordPress Video Player
SFY20160730 - Cross-Site Request Forgery in Icegram WordPress Plugin
SFY20160719 - Cross-Site Scripting vulnerability in Google Forms WordPress Plugin
SFY20160718 - Cross-Site Scripting vulnerability in WP No External Links WordPress Plugin
SFY20160715 - Cross-Site Scripting vulnerability in Top 10 - Popular posts plugin for WordPress
SFY20160714 - Cross-Site Scripting vulnerability in Simple Membership WordPress Plugin
SFY20160721 - Easy Forms for MailChimp Local File Inclusion vulnerability
SFY20160720 - WP Fastest Cache Member Local File Inclusion vulnerability
SFY20160711 - Cross-Site Scripting vulnerability in Master Slider WordPress Plugin
SFY20160710 - Cross-Site Scripting vulnerability in Email Users WordPress Plugin
SFY20160712 - Cross-Site Scripting vulnerability in Profile Builder WordPress Plugin
SFY20150804 - Microsoft Visio multiple DLL side loading vulnerabilities
SFY20160201 - .NET Framework 4.6 allows side loading of Windows API Set DLL
SFY20150904 - Windows Mail Find People DLL side loading vulnerability
SFY20151101 - MapsUpdateTask Task DLL side loading vulnerability
SFY20150906 - BDA MPEG2 Transport Information Filter DLL side loading vulnerability
SFY20150905 - NPS Datastore server DLL side loading vulnerability
SFY20150903 - HP LaserJet Fax Preview DLL side loading vulnerability
SFY20150902 - HP ToComMsg DLL side loading vulnerability
SFY20150901 - LEADTOOLS ActiveX control multiple DLL side loading vulnerabilities
SFY20150806 - OLE DB Provider for Oracle multiple DLL side loading vulnerabilities
SFY20150802 - Shockwave Flash Object DLL side loading vulnerability
SFY20151102 - Shutdown UX DLL side loading vulnerability
SFY20150803 - Windows Authentication UI DLL side loading vulnerability
SFY20150805 - Event Viewer Snapin multiple DLL side loading vulnerabilities
SFY20150801 - COM+ Services DLL side loading vulnerability
SFY20150701 - Cisco AnyConnect elevation of privileges via DMG install script
SFY20150601 - Cisco AnyConnect elevation of privileges via DLL side loading
SFY20150501 - Integer overflow in .NET Framework System.DirectoryServices.Protocols.Utility class
GitHUb - iframe sandbox attribute allows evasion of extension
SFY20140402 - Viber for Android exposes insecure Javascript interface
SFY20130601 - Cisco RV Series multiple vulnerabilities
SFY20140403 - Outlook.com for Android fails to validate server certificates
Umbraco - Security issues found in Umbraco 4, 6 and 7
SFY20140401 - Adobe Reader for Android exposes insecure Javascript interfaces
SFY20140301 - NSS 2014 affected by remote code execution & insecure certificate validation
SFY20130501 - Path traversal vulnerability in File Roller
AK20110801 - .NET Framework EncoderParameter integer overflow vulnerability
AK20100601 - Office arbitrary ClickOnce application execution vulnerability
AK20090402 - Akamai Download Manager arbitrary file download & execution
AK20091001 - Outlook PR_ATTACH_METHOD file execution vulnerability
AK20090401 - getPlus insufficient domain name validation vulnerability
AK20090301 - FreeWebshop.org: multiple vulnerabilities
AK20090601 - yTNEF/Evolution TNEF plugin traversal & overflow vulnerabilities
AK20090602 - PulseAudio local race privilege escalation vulnerability
AK20080401 - XP: inconsistent verification messages for signed execs
AK20070603 - XUpload multiple vulnerabilities
AK20070602 - XUpload/JUpload arbitrary file upload
AK20070601 - XUpload stack-based buffer overflow vulnerability
AK20060602 - Aangifte 2005 privilege escalation vulnerability
AK20060601 - Internet Explorer redirect arbitrary file access vulnerability
AK20050803 - MMC resource cross-site scripting vulnerability
AK20050802 - Internet Explorer: drag and drop, loading files from TIF
AK20050801 - Internet Explorer inconsistent file protocol handling
AK20050601 - PowerPoint/IE reload information disclosure vulnerability
AK20040801 - Address bar spoofing flaw in Internet Explorer

Exploits/Proof of concepts


Metasploit - Office OLE Multiple DLL Side Loading Vulnerabilities
Metasploit - Internet Explorer Iframe Sandbox File Name Disclosure Vulnerability
Metasploit - DLL Side Loading Vulnerability in VMware Host Guest Client Redirector
SFY20150901 - HP Color LaserJet CM2320 MFP Series multiple DLL side loading vulnerabilities
SFY20151201 - MS15-132: Office OLE multiple DLL side loading vulnerabilities
SFY20150701 - Cisco AnyConnect elevation of privileges via DMG install script
SFY20150601 - Cisco AnyConnect elevation of privileges via DLL side loading
SFY20140401 - Adobe Reader for Android exposes insecure Javascript interfaces
SFY20110801 - .NET Framework EncoderParameter integer overflow vulnerability
Metasploit - Outlook ATTACH_BY_REF_ONLY File Execution
AK20091001 - Outlook PR_ATTACH_METHOD file execution vulnerability (ATTACH_BY_REF_ONLY)
Metasploit - Outlook ATTACH_BY_REF_RESOLVE File Execution
AK20091001 - Outlook PR_ATTACH_METHOD file execution vulnerability (ATTACH_BY_REF_RESOLVE)
AK20090601 - yTNEF/Evolution TNEF Attachment decoder plugin directory traversal & buffer overflow vulnerabilities
AK20090602 - PulseAudio local race condition privilege escalation vulnerability
AK20050802 - Internet Explorer: drag and drop, loading files from TIF
AK20050601 - PowerPoint/IE reload information disclosure vulnerability
parse_srv.c.diff - MS04-037: Vulnerability in Windows Shell Could Allow Remote Code Execution
EMFexp.c - Enhanced Meta File arbitrary memory access
EudoraBoF.c - Eudora long attachment file name buffer overflow

Demos


Vimeo - VMware Host Guest Client Redirector DLL hijack
Vimeo - Cisco AnyConnect elevation of privileges via DMG install script
Vimeo - Cisco AnyConnect elevation of privileges via DLL side loading
Vimeo - Office OLE multiple DLL side loading vulnerabilities
Vimeo - Google Password Alert 1.6 bypass proof of concept
Vimeo - .NET Framework EncoderParameter integer overflow vulnerability demo
Vimeo - IE 10/11 UXSS XFO demo
Vimeo - CVE-2012-0013 Word 2007 proof of concept
Vimeo - CVE-2012-0013 PowerPoint 2007 proof of concept
Vimeo - Meldknop Chrome Extension malicious update