- Sam Bowne, Teaching Hacking at College
- I)ruid, Context-keyed Payload Encoding
- asm, Social Data Mining Through Telephony Vulnerabilities
- Brenda Larcom, Privilege-Centric Security Analysis
- Zax, Using Type Systems to Reduce your Security Risks
- Billy Rios, Nathan McFeters, Rob Carter, URI Use and Abuse
- Tom Stracener, Hacking the EULA: Reverse Benchmarking Web Applications
- Vivek Ramachandran, Md Sohail Ahmad, Cafe Latte with a Free Topping
of Cracked WEP: Retrieving WEP Keys From Road-Warriors
- Robert Bird, Techniques for Exploiting Anomaly Detection Systems
- Dan Griffin, Hacking Windows Vista Security
- Sam Bowne, Teaching Hacking at College
- I)ruid, Context-keyed Payload Encoding
- asm, Social Data Mining Through Telephony Vulnerabilities
- Brenda Larcom, Privilege-Centric Security Analysis
- Zax, Using Type Systems to Reduce your Security Risks
- Billy Rios, Nathan McFeters, Rob Carter, URI Use and Abuse
- Tom Stracener, Hacking the EULA: Reverse Benchmarking Web Applications
- Vivek Ramachandran, Md Sohail Ahmad, Cafe Latte with a Free Topping
of Cracked WEP: Retrieving WEP Keys From Road-Warriors
- Robert Bird, Techniques for Exploiting Anomaly Detection Systems
- Dan Griffin, Hacking Windows Vista Security
* Adan Barth (UC Berkely) and Collin Jackson (Stanford University)
discovered a flaw occurring when interpreting HTTP response headers
(CVE-2008-4818).
* Nathan McFeters and Rob Carter of Ernst and Young's Advanced
Security Center are credited for finding an unspecified vulnerability
facilitating DNS rebinding attacks (CVE-2008-4819).
* When used in a Mozilla browser, Adobe Flash Player does not
properly interpret jar: URLs, according to a report by Gregory
