List of advisories
-
2010-02-03. Internet Explorer Dynamic OBJECT tag and URLMON sniffing vulnerabilities, Jorge Luis Álvarez Medina and Federico Muttis
-
2010-02-01. Cisco Secure Desktop XSS/JavaScript Injection, Matias Pablo Brutti
-
2010-02-01. Corel Paint Shop Pro Photo X2 FPX Heap Overflow, Francisco Falcon
-
2010-01-13. Google SketchUp 'lib3ds' 3DS Importer Memory Corruption, Francisco Falcon
-
2009-12-09. Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution System, Pablo Annetta and Pedro Varangot
-
2009-12-02. DAZ Studio Arbitrary Command Execution, Diego Juarez
-
2009-11-23. Autodesk Maya Script Nodes Arbitrary Command Execution, Diego Juarez
-
2009-11-23. Autodesk 3DS Max Application Callbacks Arbitrary Command Execution, Sebastián Tello
-
2009-11-23. Autodesk SoftImage Scene TOC Arbitrary Command Execution, Diego Juarez, Fernando Arnaboldi and Federico Charosky
-
2009-11-18. IBM SolidDB invalid error code vulnerability, Damián Frizza
-
2009-11-17. HP Openview NNM 7.53 Invalid DB Error Code vulnerability, Damián Frizza
-
2009-11-05. Blender .blend Project Arbitrary Command Execution, Diego Juarez and Sebastián Tello
-
2009-10-06. Jetty Persistent XSS in Sample Cookies Application, Aureliano Calvo
-
2009-10-02. Hyperic HQ Multiple XSS, Gastón Rey and Pablo Carballo
-
2009-08-31. Dnsmasq Heap Overflow and Null-pointer Dereference on TFTP Server, Pablo Jorge and Alberto Solino
-
2009-08-18. Libpurple msn_slplink_process_msg() Arbitrary Write Vulnerability, Federico Muttis
-
2009-07-28. Firebird SQL op_connect_request main listener shutdown vulnerability, Francisco Falcon
-
2009-07-17. Real Helix DNA RTSP and SETUP request handler vulnerabilities, Damian Frizza
-
2009-07-08. WordPress Privileges Unchecked in admin.php and Multiple Information Disclosures, Fernando Arnaboldi and José Orlicki
-
2009-07-08. Awingsoft Awakening Winds3D Viewer remote command execution vulnerability, Diego Juarez
-
2009-06-09. Internet Explorer Security Zone restrictions bypass, Jorge Luis Alvarez Medina and Federico Muttis
-
2009-06-09. DX Studio Player Firefox plug-in command injection, Diego Juarez
-
2009-06-02. Apple CUPS IPP_TAG_UNSUPPORTED Handling null pointer Vulnerability, Anibal Sacco
-
2009-05-28. StoneTrip S3DPlayers remote command injection, Diego Juarez
-
2009-05-20. Multiple XSS in Sun Communications Express, SCS team
-
2009-04-21. HTTP Response Splitting vulnerability in Sun Delegated Administrator, SCS team
-
2009-03-31. Multiple vulnerabilities in Sun Calendar Express Web Server, SCS team
-
2009-03-23. HP OpenView Buffer Overflows, Oren Isacson
-
2009-03-09. Foxit Reader Multiple Vulnerabilities, Francisco Falcón
-
2009-02-03. VNC Multiple Integer Overflows, Ariel Futoransky, Fernando Russ and Alfredo Ortega
-
2009-01-28. Amaya web editor XML and HTML parser vulnerabilities, Dan Crowley and Alfredo Ortega
-
2009-01-08. Openfire multiple vulnerabilities, Federico Muttis
-
2008-12-22. Qemu and KVM VNC server remote DoS, Alfredo Ortega
-
2008-12-10. Microsoft Word Malformed FIB Arbitrary Free Vulnerability, Ricardo Narvaja
-
2008-12-09. Vinagre show_error() format string vulnerability, Alfredo Ortega
-
2008-11-04. Adobe Reader Javascript Printf Buffer Overflow, Damian Frizza
-
2008-10-14. VLC media player XSPF Memory Corruption, Francisco Falcon
-
2008-09-12. iPhone Safari JavaScript alert Denial of Service, Nicolas Economou
-
2008-08-20. Anzio Web Print Object Buffer Overflow, Francisco Falcon
-
2008-08-20. vBulletin Cross Site Scripting Vulnerability, Federico Muttis
-
2008-08-13. Internet Explorer Zone Elevation Restrictions Bypass and Security Zone Restrictions Bypass, Jorge Luis Alvarez Medina
-
2008-08-04. Sun xVM VirtualBox Privilege Escalation Vulnerability, Anibal Sacco
-
2008-06-11. CitectSCADA ODBC service vulnerability, Sebastian Muñiz, Nicolas Economou
-
2008-06-04. NASA BigView Stack Buffer Overflow, Alfredo Ortega
-
2008-05-21. Multiple vulnerabilities in iCal, Rodrigo Carvalho, Ricardo Narvaja
-
2008-05-20. Borland Interbase 2007 Integer Overflow, Damian Frizza, Alfredo Ortega
-
2008-05-05. NASA's Common Data Format buffer overflow, Alfredo Ortega
-
2008-04-30. Wonderware SuiteLink Denial of Service vulnerability, Sebastian Muñiz
-
2008-04-28. Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls, Damian Saura, Anibal Sacco, Dario Menichelli, Norberto Kueffner, Andres Blanco, Rodrigo Carvalho
-
2008-04-03. Orbit Downloader "Download failed" buffer overflow, Diego Juarez
-
2008-03-25. SILC pkcs_decode buffer overflow, Ariel Waissbein, Pedro Varangot, Martin Mizrahi, Oren Isacson, Carlos Garcia, Ivan Arce
-
2008-03-18. Leopard Server Remote Path Traversal, Rodrigo Carvalho
-
2008-03-11. Timbuktu Pro Remote Path Traversal and Log Injection, Sebastian Muñiz
-
2008-03-04. Multiple vulnerabilities in Google's Android SDK, Alfredo Ortega
-
2008-02-27. VLC media player chunk context validation error, Felipe Manzano, Anibal Sacco
-
2008-02-25. Path Traversal vulnerability in VMware's shared folders implementation, Gerardo Richarte, Nicolas Economou
-
2008-02-04. MPlayer arbitrary pointer dereference, Felipe Manzano, Anibal Sacco
-
2008-02-04. MPlayer 1.0rc2 buffer overflow vulnerability, Damian Frizza, Alfredo Ortega
-
2008-01-28. Firebird Remote Memory Corruption, Damian Frizza and Alfredo Ortega
-
2008-01-17. CORE FORCE Kernel Buffer Overflow, Sebastian Gottschalk
-
2008-01-07. SynCE Remote Command Injection, Alfredo Ortega and Oren Isacson
-
2007-12-04. VLC Activex Bad Pointer Initialization Vulnerability, Ricardo Narvaja
-
2007-11-27. Lotus Notes buffer overflow in the Lotus WorkSheet file processor, Sebastián Muñiz
-
2007-10-10. Stack-based buffer overflow vulnerability in OpenBSD’s DHCP server, Nahuel Riva and Gerardo Richarte
-
2007-09-25. Remote command execution, HTML and JavaScript injection vulnerabilities in AOL's Instant Messaging software, Lucas Lavarello
-
2007-03-13. OpenBSD's IPv6 mbufs remote kernel buffer overflow, Alfredo Ortega
-
2007-03-05. GnuPG and GnuPG clients unsigned data injection vulnerability, Gerardo Richarte
-
2006-12-13. ProFTPD Controls Buffer Overflow, Alfredo Ortega
-
2006-09-07. Multiple vulnerabilities in ICQ Toolbar 1.3 for Internet Explorer, Luciana Tabo, Lucas Lavarello, Sebastian Cufre, Ezequiel Gutesman and Javier Garcia Di Palma
-
2006-09-07. AOL ICQ Pro 2003b heap overflow vulnerability, Luciana Tabo, Lucas Lavarello, Sebastian Cufre, Ezequiel Gutesman and Javier Garcia Di Palma
-
2006-08-14. Microsoft SRV.SYS SMB_COM_TRANSACTION Denial of Service, Gerardo Richarte
-
2006-06-09. Asterisk PBX truncated video miniframe vulnerability, Damian Saura, Alejandro Lozanoff, Eduardo Koch, Norberto Kueffner and Ivan Arce
-
2006-06-09. IAXclient truncated frames vulnerabilities, Damian Saura, Alejandro Lozanoff, Eduardo Koch, Norberto Kueffner and Ivan Arce
-
2006-03-20. Cross-Site Scripting in Verisign's haydn.exe CGI script, Alberto Soliño
-
2005-07-12. MailEnable Buffer Overflow Vulnerability, Ariel Sanchez
-
2005-02-08. MSN Messenger PNG Image Parsing Vulnerability, Juliano Rizzo
-
2004-10-12. IIS NNTP Service XPAT Command Vulnerabilities, Lucas Lavarello, Juliano Rizzo
-
2004-08-09. Cfengine RSA Authentication Heap Corruption, Juan Pablo Martinez Kuhn
-
2004-08-04. Vulnerabilities in PuTTY and PSCP, Daniel De Luca, Laura Nuñez, Carlos Sarraute
-
2003-12-10. DCE RPC Vulnerabilities New Attack Vectors Analysis, Javier Kohen, Juliano Rizzo
-
2003-09-18. Multiple IBM DB2 Stack Overflow Vulnerabilities, Juan Pablo Martinez Kuhn
-
2003-07-02. Active Directory Stack Overflow, Eduardo Arias, Gabriel Becedillas, Ricardo Quesada and Damian Saura
-
2003-07-02. NetMeeting Directory Traversal Vulnerability, Hernan Ochoa, Gustavo Ajzenman, Javier Garcia Di Palma and Pablo Rubinstein
-
2003-05-27. Axis Network Camera HTTP Authentication Bypass, Juliano Rizzo
-
2003-05-05. Multiple Vulnerabilities in Mirabilis ICQ client, Lucas Lavarello, Daniel Benmergui, Norberto Kueffner and Fernando Russ
-
2003-04-28. Vulnerabilities in Kerio Personal Firewall, Emiliano Kargieman, Hernan Gips and Javier Burroni
-
2003-04-15. Snort TCP Stream Reassembly Integer Overflow Vulnerability, Bruce Leidl and Juan Pablo Martinez Kuhn
-
2003-03-28. Vulnerability in GNOME's Eye of Gnome, Diego Kelyacoubian, Javier Kohen, Alberto Solino and Juan Vera
-
2003-03-28. RealPlayer PNG deflate heap corruption vulnerability, Juliano Rizzo, Agustin Azubel Friedman, Bruno Acselrad and Carlos Sarraute
-
2003-03-20. Vulnerability in Mutt Mail User Agent, Diego Kelyacoubian, Javier Kohen, Alberto Solino and Juan Vera
-
2003-03-19. Multiple vulnerabilities in Ximian's Evolution Mail User Agent, Diego Kelyacoubian, Javier Kohen, Alberto Solino and Juan Vera
-
2002-12-02. Vulnerability Report For Linksys Devices, Gerardo Richarte
-
2002-08-22. Vulnerability report for Windows SMB DoS, Alberto Solino and Hernan Ochoa
-
2002-07-10. Multiple vulnerabilities in Tooltalk database server, Ricardo Quesada
-
2002-07-02. Inktomi Traffic Server traffic_manager local overflow, Juliano Rizzo
-
2002-04-22. Multiple vulnerabilities in stack smashing protection technologies, Gerardo Richarte
-
2001-11-28. Vulnerability Report For WU-FTPD Server, Luciano Notarfrancesco and Juan Pablo Martinez Kuhn
-
2001-08-13. Vulnerability Report for Network Associates PGP Keyserver 7.0 for Windows NT/2000 and UNIX, Juliano Rizzo
-
2001-06-26. GroupWise 5.5 User Mailbox Authentication Vulnerability, Alberto Soliño and Juliano Rizzo
-
2001-02-08. SSH1 CRC-32 compensation attack detector vulnerability, Michal Zalewski of the Bindview RAZOR Team
-
2001-02-07. SSH protocol 1.5 session key recovery vulnerability, Ariel Waissbein and Agustin Azubel Friedman
-
2001-01-29. Vulnerability report for buffer overflow in ATT WinVNC client, Emiliano Kargieman, Agustín Azubel Friedman and Maximiliano Cáceres
-
2001-01-29. Vulnerability report for server overflow in ATT VNC for Windows, Emiliano Kargieman, Agustín Azubel Friedman and Maximiliano Cáceres
-
2001-01-23. Vulnerability report for weak authentication in ATT VNC, Emiliano Kargieman, Agustín Azubel Friedman and Maximiliano Cáceres
-
2000-12-04. Vulnerability Report For Microsoft PhoneBook Server buffer overflow, Alberto Soliño
-
2000-11-16. Report for Realserver memory contents disclosure vulnerability, Gerardo Richarte and Claudio Castiglia
-
2000-11-08. Windows NT 4.0 Terminal Server RegAPI.DLL Buffer Overflow, Bruno Acselrad and Agustín Azubel Friedman
-
2000-10-31. Netscape Servers Heap Buffer Overflow, Emiliano Kargieman and Agustín Azubel Friedman
-
2000-10-31. Netscape Servers Suite Denial of Service, Emiliano Kargieman and Agustín Azubel Friedman
-
2000-10-26. Vulnerability Report For iPlanet CMS and Netscape Directory Server, Emiliano Kargieman and Agustín Azubel Friedman
-
2000-10-25. Cisco IOS Web Administration Denial of Service, Alberto Soliño
-
2000-10-23. MySQL Authentication Vulnerability, Ariel Waissbein, Emiliano Kargieman, Carlos Sarraute, Gerardo Richarte and Agustin Azubel
-
2000-09-27. Unixware SCOhelp http server format string vulnerability, Juliano Rizzo
-
2000-09-04. UNIX locale format string vulnerability, Ivan Arce
-
2000-08-15. Vulnerability Report For BEA Weblogic's Proxy, Gerardo Richarte and Hernan Ochoa
-
2000-08-02. NAI Net Tools PKI Server vulnerabilities, Juliano Rizzo
-
2000-04-14. MS IIS FrontPage 98 Extensions Buffer Overflow Vulnerability, Gerardo Richarte and Alberto Solino
-
1999-12-01. Buffer overflow in RSAREF2, Alberto Solino and Gerardo Richarte
-
1998-06-12. SSH insertion attack, Ariel Futoransky and Gerardo Richarte
-
1998-03-23. Security Issues in Sun NIS+, Emiliano Kargieman and Ivan Arce
-
1997-04-22. Vulnerabilidades en BIND y Soluciones, Ivan Arce and Emiliano Kargieman
