-
```
There is an obvious path traversal in Kaspersky Virtual Keyboard, a hosting
website can simply do element.GetGraphics("../../../../whatever") to read any
png file on the victims computer.
x = d…
-
```
Kaspersky requested that I start sending them raw fuzz output, in order to more
rapidly get reports. I agreed, and sent them the first batch of crashes after
verifying they all reproduced with t…
-
```
http://www.ubuntu.com/usn/usn-2581-1/
---
Tavis Ormandy discovered that NetworkManager incorrectly filtered paths
when requested to read modem device contexts. A local attacker could
possibly use…
-
```
Kaspersky requested that I start sending them raw fuzz output, in order to more
rapidly get reports. I agreed, and sent them the first batch of crashes after
verifying they all reproduced with t…
-
```
http://www.ubuntu.com/usn/usn-2581-1/
---
Tavis Ormandy discovered that NetworkManager incorrectly filtered paths
when requested to read modem device contexts. A local attacker could
possibly use…
-
```
There is an obvious path traversal in Kaspersky Virtual Keyboard, a hosting
website can simply do element.GetGraphics("../../../../whatever") to read any
png file on the victims computer.
x = d…
-
```
http://www.ubuntu.com/usn/usn-2581-1/
---
Tavis Ormandy discovered that NetworkManager incorrectly filtered paths
when requested to read modem device contexts. A local attacker could
possibly use…
-
```
The fusermount binary calls setuid(geteuid()) to reset the ruid when
it invokes /bin/mount so that it can use privileged mount options that
are normally restricted if ruid != euid. That's acceptab…
-
```
Kaspersky requested that I start sending them raw fuzz output, in order to more
rapidly get reports. I agreed, and sent them the first batch of crashes after
verifying they all reproduced with t…
-
```
One component of Avast Antivirus is called "Sandbox". As you might guess, it's
a proprietary application sandbox for Windows. Avast describes it as "[...]
lets you run apps, download files, and …