Minded Security - Application Security Consulting

Advisories

  • Advisory #MSA02240108: Microsoft Internet Explorer allows overwriting of several headers leading to Http request Splitting and smuggling.
  • Advisory #MSA01240108: Microsoft Internet Explorer "Transfer-Encoding: chunked" allows Request Splitting/Smuggling.
  • Advisory #MSA01150108: Apache mod_negotiation Xss and Http Response Splitting
  • Advisory #MSA01110707: Flash Player/Plugin Video file parsing Remote Code Execution
  • IE and Firefox Digest Authentication Request Splitting (04/2007)
  • Php import_req_var globals overwrite Advisory (03/2007)
  • Acrobat Reader Plugin Multiple Vulnerabilities (01/2007)
  • MySQL Server COM_TABLE_DUMP Information Leakage and Arbitrary command execution.(04/2006)
  • MySQL Server Anonymous Login Handshake Information Leakage. (04/2006)
  • MySQL Server CREATE FUNCTION libc arbitrary code execution (03/2005)
  • MySQL Server CREATE FUNCTION mysql.func table arbitrary library injection (03/2005)
  • MySQL Server insecure temporary File Creation (03/2005)
  • Php RFC1867 Arbitrary File Upload (10/2004)
  • Php shmop safemode bypass and write to arbitrary locations (10/2004)
Minded Security S.r.l. - P.Iva 05756380480 - All Rights Reserved