EXODUS BLOG


Vulnerability Analysis

A browser is only as strong as its weakest byte

NOVEMBER 26, 2013
Back in September, FireEye posted a blog entry discussing CVE-2013-3147, a vulnerability in Microsoft Internet Explorer. They pointed out that Microsoft patched the issue on July 9th in Bulletin MS13-055. While reading their post...
Read More

DoS? Then Who Was Phone?

JANUARY 7, 2013
Introduction This post presents exploitation notes on a vulnerability we discovered in Asterisk, an open source telephony solution produced by Digium. We reported this bug to Digium on November 27th, 2012, and provided it...
Read More

Happy New Year Analysis of CVE-2012-4792

JANUARY 2, 2013
A new year has arrived and, although a little late, the time has come for me to unpack the present that Santa gave to the Council on Foreign Relations this Christmas. Quite a few...
Read More

Adobe Shockwave and Introspection

AUGUST 12, 2012
From Wikipedia:     In computing, type introspection is the ability for a program to examine the type or properties of an object at runtime. These days it seems there is quite a lot of research...
Read More