Vulnerabilities

This is a list of vulnerabilities found by members of the ISIS Lab.

2013-07-16 (Patched 2013-07-24) - patch.com XSS vulnerability by Brent Rubell: Stored XSS vulnerability that affected all communities of patch.com.
2013-03-29 (Patched 2013-05-17) - Wireshark bugs 8540 and 8541 by Evan Jensen: Integer overflow leads to memory corruption on the heap, requires no user interaction. CVE-2013-3559
2013-03-12 (Patched 2013-04-25) - Wireshark bug 8464 by Moshe Kaplan: DoS (long loop) in ETCH dissector. CVE-2013-3561
2013-03-10 (Patched 2013-04-25) - Wireshark bug 8458 by Moshe Kaplan: DoS (infinite loop) in MySQL dissector. CVE-2013-3561
2013-03-07 (Patched 2013-03-15) - Wireshark bug 8448 by Moshe Kaplan: DoS (stack overflow) in Websocket dissector. CVE-2013-3561, CVE-2013-3562
2013-02-26 (Patched 2013-02-26) - DIASPORA* issue 4010 by Alan Huang: Reflected XSS vulnerability.
2013-02-20 (Patched 2013-03-06) - Wireshark bug 8364 by Evan Jensen: A comparison between two integers of different sizes in the condition of a while loop leads to a denial of service by a specially crafted packet. Affects all major operating systems, 32/64-bit. Triggered without any user interaction. CVE-2013-2486, CVE-2013-2487
2013-02-20 (Patched 2013-03-06) - Wireshark bug 8337 by Moshe Kaplan: DoS (infinite loop) in AMQP dissector (packet-amqp.c). CVE-2013-2482
2013-02-20 (Patched 2013-03-06) - Wireshark bug 8346 by Moshe Kaplan: Memory buffer overrun in CIMD dissector (packet-cimd.c). CVE-2013-2484
2013-02-20 (Patched 2013-03-06) - Wireshark bug 8359 by Moshe Kaplan: DoS (infinite loop) in FC-SP dissector (packet-fcsp.c). CVE-2013-2485
2013-02-01 (Patched 2013-02-01) - DIASPORA* issue 3948 by Kevin Chung: Persistent XSS vulnerability.
2012-12-20 (Patched 2013-01-30) - woot.com vulnerability by Kevin Chung: CSRF vulnerability.
2012-12-13 (Patched 2012-12-16) - gilt.com Local File Read/SQL injection vulnerability by Omar: The file read had some file length limitations, but it allowed reading of local files, as well as reading a remote URL to use for XSS.
2012-11-03 (Patched) - Presseract XSS bug by Kevin Chung.
2012-01-23 (Patched) - Facebook.com Mobile Like Button CSRF vulnerability by Omar: At one point, CSRF protection was either missing or not fully functional for certain forms on the mobile version of the website. This allowed attackers to CSRF the like button, forcing victims to like pages, statuses, or photos automatically.
2012-01-23 (Patched 2013-01-30) - paypal.com XSS vulnerability via Flash Applet by Omar: PayPal ran a WordPress blog that contained a theme which was packaged with an old version of a Flash applet. Because this was a Flash applet, it was possible to evade reflected XSS mitigations such as XSS Auditor in Chrome.
2010-06-21 (Patched 2011-03-10) - AntiSamy bug by Julian Cohen: Stack exhaustion bug that crashes AntiSamy and prevents sanitization of HTML.
2005-10-20 (Patched 2005-11-18) - Electric Sheep Multiple Network-related Vulnerabilities by Dan Guido: Insecure update, unpatched libraries.
2005-10-20 (Patched 2005-11-18) - Electric Sheep window-id stack overflow vulnerability by Michael Aiello.