exploit the possibilities

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from James Kettle

Bugzilla Account Creation / XSS / Information Leak

Posted Oct 7, 2014

Authored by Frederic Buclin, Byron Jones, David Lawrence, Netanel Rubin, Simon Green, James Kettle, Matt Tyson | Site bugzilla.org

Bugzilla Security Advisory - Bugzilla versions 2.23.3 to 4.0.14, 4.1.1 to 4.2.10, 4.3.1 to 4.4.5, and 4.5.1 to 4.5.5 suffer from unauthorized account creation, cross site scripting, and information leak vulnerabilities.

tags | advisory, vulnerability, xss, info disclosure

advisories | CVE-2014-1571, CVE-2014-1572, CVE-2014-1573

SHA-256 | 0d0e7c27532f6562403faf6ddb1249c6fce16ba6525feadfe7c92217191a6748

Download | Favorite | View

OpenOffice 4.1.0 Calc Command Injection

Posted Aug 22, 2014

Authored by James Kettle, Rohan Durve

Apache OpenOffice versions 4.1.0 and below on Windows suffers from a command injection vulnerability when loading calc spreadsheets. OpenOffice.org versions may also be affected.

tags | advisory

systems | windows

advisories | CVE-2014-3524

SHA-256 | 86a77c478eecf9bc2d12a53ac552a95f0f16445270b7fd1fc0bc882821dbcac6

Download | Favorite | View