GNU gv Stack Overflow Vulnerability

. //- Solution No known solution. You have to wait for a vendor upgrade and be careful with unknown PS files. //- Impact Successful exploitation leads to remote code execution. //- Credits Renaud Lifchitz r.lifchitz at sysdream dot com http://www.sysdream.com/ //- Greetings

An analysis of Microsoft Windows Vista’s AS LR

this protection : http://www.sysdream.com/articles/Analysis-of-Microsoft-Windows-Vista's-ASLR.pdf Regards, Renaud Lifchitz Information Security Consultant SYSDREAM: http://www.sysdream.com/

Microsoft MSN Hotmail : Cross-Site Scripting Vulnerability

Microsoft MSN Hotmail : Cross-Site Scripting Vulnerability //- Advisory Program : Microsoft MSN Hotmail Homepage : http://www.hotmail.com Discovery: 2006/01/28 Author Contacted : 2006/03/21 Found by : crashfr at sysdream dot com This Advisory: nono2357

Re: [Full-disclosure] Mozilla Thunderbird : Multiple Information Disclosure Vulnerabilities

disclosure doesn't come from the first iframe, but from the second one. Indeed, the inline attachment basic.html itself contains a iframe, which is not correctly filtered and makes Thunderbird fetch any external resource. Best regards, Renaud Lifchitz http://www.sysdream.com Daniel Veditz wrote

Mozilla Thunderbird : Remote Code Execution Denial of Service

Mozilla Thunderbird : Remote Code Execution Denial of Service //- Advisory Program : Mozilla Thunderbird Homepage : http://www.mozilla.com/thunderbird/ Tested version : = 1.0.7 Found by : nono2357 at sysdream dot com This advisory: nono2357 at sysdream dot