XCon2007 Call For Paper

2007-05-17 Thread XFOCUS Security Team
/xcon.xfocus.org/ for the speaker information, conference arrangement and previous conferences archives. Updated announcements will be posted to XCon and XFocus website. Thank you for your support to XCon & XFocus ! XCon2007 organizing committee& XFocus Team - -- Kind Regards,

Multiple OS kernel insecure handling of stdio file descriptor

2007-01-18 Thread XFOCUS Security Team
notifiation 2006-12-12 HP responses ,assgin to SSRT061287; Sun responses but mistake this vulnerablitily as application bug and hope us figoure out real attack vector; Aix no responses; 2007-01-18 public disclosure -- Kind Regards, --- XFOCUS Security Team http://www.xfocus.org

[xfocus-SD-060329]MPlayer: Multiple integer overflows

2006-03-29 Thread XFOCUS Security Team
during August 18-20, 2006. ... more at xcon2006 call for paper http://www.xfocus.org/documents/200603/14.html Welcome ;) - -- Kind Regards, - --- XFOCUS Security Team http://www.xfocus.org -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.1 (GNU/Linux) iD8DBQFEKiVkwhDwaF6cSWIRAppzAJ9cCFzXSN9yuU6gNqecBlGV1IaBOgCeJfGM Vck95rxGIr86/9BZ3csUl0w= =NdG5 -END PGP SIGNATURE-

XCon2006 Call For Paper

2006-03-17 Thread XFOCUS Security Team
food and accommodations. XCon will endeavor to assist you to reserve the hotel. Thank you for your support to XCon & XFocus ! XCon2006 organizing committee& XFocus Team - -- Kind Regards, - --- XFOCUS Security Team http://www.xfocus.org -BEGIN PGP SIGNATURE

[xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability

2006-03-15 Thread XFOCUS Security Team
product. Eyas of XFOCUS Security Team discovered a buffer overflow vulnerability when Excel processes a malicous ".xls" file, which might cause Excel to crash or even execute arbitrary code. Description: Excel will initialize a stack buffer with 0x0e0e0e0e when it open a &

Re: [xfocus-SD-060206]BCB compiler incorrect deal sizeof operator vulnerability

2006-02-07 Thread XFOCUS Security Team
Check compiler whether correct deal with sizeof operator, * which can cause integer overflow if you careless use !!! * * note: some old compiler maybe have this vulnerability * * by [EMAIL PROTECTED] * * XFOCUS Security Team * http://www.xfocus.org * * already tested: *

[xfocus-SD-060206]BCB compiler incorrect deal sizeof operator vulnerability

2006-02-06 Thread XFOCUS Security Team
ote: some old compiler have this vulnerability * * by [EMAIL PROTECTED] * * XFOCUS Security Team * http://www.xfocus.org * * already tested: * * BCB6+ent_upd4vuln !!! * gcc version 4.0.0 20050519 (Red Hat 4.0.0-8).not vuln * gcc version 2.95.

[xfocus-SD-060101]AIX getCommand&getShell two vulnerabilities

2006-01-01 Thread XFOCUS Security Team
ication .Waiting.Waiting January 1, 2006 - Public disclosure(vendor not reply) --EOF -- Kind Regards, --- XFOCUS Security Team http://www.xfocus.org