This is a list of vulnerabilities found by members of the OSIRIS Lab.

  • 2017-03-08 – Multiple issues in Pharos PopUp software including 2 remote code execution vulnerabilities. CVE-2017-2785, CVE-2017-2786, CVE-2017-2787, CVE-2017-2788
  • 2013-07-16 (Patched 2013-07-24) – patch.com XSS vulnerability by Brent Rubell: Stored XSS vulnerability that affected all communities of patch.com.
  • 2013-03-29 (Patched 2013-05-17) – Wireshark bugs 8540 and 8541 by Evan Jensen: Integer overflow leads to memory corruption on the heap, requires no user interaction. CVE-2013-3559
  • 2013-03-12 (Patched 2013-04-25) – Wireshark bug 8464 by Moshe Kaplan: DoS (long loop) in ETCH dissector. CVE-2013-3561
  • 2013-03-10 (Patched 2013-04-25) – Wireshark bug 8458 by Moshe Kaplan: DoS (infinite loop) in MySQL dissector. CVE-2013-3561
  • 2013-03-07 (Patched 2013-03-15) – Wireshark bug 8448 by Moshe Kaplan: DoS (stack overflow) in Websocket dissector. CVE-2013-3561, CVE-2013-3562
  • 2013-02-26 (Patched 2013-02-26) – DIASPORA* issue 4010 by Alan Huang: Reflected XSS vulnerability.
  • 2013-02-20 (Patched 2013-03-06) – Wireshark bug 8364 by Evan Jensen: A comparison between two integers of different sizes in the condition of a while loop leads to a denial of service via a specially crafted packet. Affects all major operating systems, 32- and 64-bit. Triggered without any user interaction. CVE-2013-2486, CVE-2013-2487
  • 2013-02-20 (Patched 2013-03-06) – Wireshark bug 8337 by Moshe Kaplan: DoS (infinite loop) in AMQP dissector (packet-amqp.c). CVE-2013-2482
  • 2013-02-20 (Patched 2013-03-06) – Wireshark bug 8346 by Moshe Kaplan: Memory buffer overrun in CIMD dissector (packet-cimd.c). CVE-2013-2484
  • 2013-02-20 (Patched 2013-03-06) – Wireshark bug 8359 by Moshe Kaplan: DoS (infinite loop) in FC-SP dissector (packet-fcsp.c). CVE-2013-2485
  • 2013-02-01 (Patched 2013-02-01) – DIASPORA* issue 3948 by Kevin Chung: Persistent XSS vulnerability.
  • 2012-12-20 (Patched 2013-01-30) – woot.com vulnerability by Kevin Chung: CSRF vulnerability.
  • 2012-12-13 (Patched 2012-12-16) – gilt.com Local File Read/SQL injection vulnerability by Omar: The file read had some file length limitations, but it allowed reading of local files, as well as reading a remote URL to use for XSS.
  • 2012-11-03 (Patched) – Presseract XSS bug by Kevin Chung.
  • 2012-01-23 (Patched) – Facebook.com Mobile Like Button CSRF vulnerability by Omar: At one point, CSRF protection was either missing or not fully functional for certain forms on the mobile version of the website. This allowed attackers to CSRF the like button, forcing victims to like pages, statuses, or photos automatically.
  • 2012-01-23 (Patched 2013-01-30) – paypal.com XSS vulnerability via Flash Applet by Omar: PayPal ran a WordPress blog that contained a theme which was packaged with an old version of a Flash applet. Because this was a Flash applet, it was possible to evade reflected XSS mitigations such as XSS Auditor in Chrome.
  • 2010-06-21 (Patched 2011-03-10) – AntiSamy bug by Julian Cohen: Stack exhaustion bug that crashes AntiSamy and prevents sanitization of HTML.
  • 2005-10-20 (Patched 2005-11-18) – Electric Sheep Multiple Network-related Vulnerabilities by Dan Guido: Insecure update, unpatched libraries.
  • 2005-10-20 (Patched 2005-11-18) – Electric Sheep window-id stack overflow vulnerability by Michael Aiello.