New User, Welcome!     Login

Personal Page

Feed Sidebar Firefox Extension - Privileged Code Injection

+------+

Discovered and advised to the Feed Sidebar developer
March 2009 by Nick Freeman of Security-Assessment.com.
Contact: Nick Freeman \\AT\\ security-assess\m/ent.com
Personal Page: http://atta.cked.me


For full details regarding this vulnerability
(including a detailed proof of concept exploit)
download the PDF from our website:

Yoono Firefox Extension - Privileged Code Injection

+------+

Discovered and advised to the Yoono developers
June 2009 by Nick Freeman of Security-Assessment.com.
Contact: Nick Freeman \\AT\\ security-assess\m/ent.com
Personal Page: http://atta.cked.me


For full details regarding this vulnerability
(including a detailed proof of concept exploit)
download the PDF from our website:

ScribeFire Firefox Extension - Privileged Code Injection

+------+

Discovered and advised to the ScribeFire developer
July 2009 by Nick Freeman of Security-Assessment.com.
Contact: Nick Freeman \\AT\\ security-assess\m/ent.com
Personal Page: http://atta.cked.me


For full details regarding this vulnerability
(including a detailed proof of concept exploit)
download the PDF from our website:

CoolPreviews - Firefox Extension - Chrome Privileged Code Injection

|Credit|
+------+

Discovered and advised to the CoolPreviews vendor
March 2009 by Roberto Suggi Liverani of Security-
Assessment.com. Personal Page: http://malerisch.net/

For full details regarding this vulnerability
(including a detailed proof of concept exploit)
download the PDF from our website:
http://www.security-assessment.com/files/advisories/CoolPreviews_Firefox_Extension_Security_Advisory.pdf

Opera Stored Cross Site Scripting Vulnerability

== Credit ==

Discovered and advised to Opera
October 2008 by Roberto Suggi Liverani of
Security-Assessment.com
Personal Page: http://malerisch.net

== Greetings ==

To all my SA colleagues - you guys rock! ;-)

Multiple Adobe Products - XML External Entity And XML Injection Vulnerabilities

|Credit|
+------+

Discovered and advised to Adobe in
November 2009 by Roberto Suggi Liverani of Security-
Assessment.com. Personal Page: http://malerisch.net/

For full details regarding this vulnerability
download the PDF from our website:

http://www.security-assessment.com/files/advisories/2010-02-22_Multiple_Adobe_Products-XML_External_Entity_and_XML_Injection.pdf

WizzRSS Firefox Extension - Privileged Code Injection

Discovered and advised to the WizzRSS developer
February 2009 by Nick Freeman of
Security-Assessment.com.
Contact: Nick Freeman \\AT\\ security-assess\m/ent.com
Personal Page: http://atta.cked.me


For full details regarding this vulnerability
(including a detailed proof of concept exploit)
download the PDF from our website:

Update Scanner - Firefox Extension - Chrome Privileged Code Injection

|Credit|
+------+

Discovered and advised to the Update Scanner developer
June 2009 by Roberto Suggi Liverani of Security-
Assessment.com. Personal Page: http://malerisch.net/

For full details regarding this vulnerability
(including a detailed proof of concept exploit)
download the PDF from our website:
http://www.security-assessment.com/files/advisories/Update_Scanner_Firefox_Extension_Security_Advisory.pdf


Copyright © 1995-2012 LinuxRocket.net. All rights reserved.

Nearly all of LinuxRocket's features are free. Be kind and donate to the cause!