RSS

Exploits by Tavis Ormandy

Date D A V Description Plat. Author
2013-06-03 - Verified Windows NT/2K/XP/2K3/Vista/2K8/7/8 - EPATHOBJ Local Ring 0 Exploit windows Tavis Ormandy
2013-05-21 - Verified win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase windows Tavis Ormandy
2012-11-05 - Verified Sophos Products - Multiple Vulnerabilities multiple Tavis Ormandy
2012-11-05 - Verified Sophail: Applied attacks against Sophos Antivirus multiple Tavis Ormandy
2012-04-19 - Verified OpenSSL ASN1 BIO Memory Corruption Vulnerability multiple Tavis Ormandy
2011-04-01 - Verified IPComp encapsulation pre-auth kernel memory corruption bsd Tavis Ormandy
2011-02-23 - Verified Red Hat Linux stickiness of /tmp linux Tavis Ormandy
2010-11-26 - Verified systemtap - Local Root Privilege Escalation Vulnerability linux Tavis Ormandy
2010-10-22 - Verified GNU C library dynamic linker LD_AUDIT - Arbitrary DSO Load Vulnerability (Local Root) linux Tavis Ormandy
2010-10-18 - Verified GNU C library dynamic linker $ORIGIN expansion Vulnerability linux Tavis Ormandy
2010-08-17 - Verified Microsoft Windows nt!NtCreateThread Race Condition with Invalid Code Segment (MS10-047) windows Tavis Ormandy
2010-08-17 - Verified Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047) windows Tavis Ormandy
2010-08-17 - Verified Microsoft Windows win32k!xxxRealDrawMenuItem() Missing HBITMAP Bounds Checks windows Tavis Ormandy
2010-08-17 - Verified Microsoft Windows win32k!GreStretchBltInternal() Does Not Handle src == dest windows Tavis Ormandy
2010-08-17 - Verified Microsoft Windows nt!SeObjectCreateSaclAccessBits() Missed ACE Bounds Checks (MS10-047) windows Tavis Ormandy
2010-06-10 - Verified Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly windows Tavis Ormandy
2010-06-10 - Verified Microsoft Help and Support Center 'sysinfo/sysinfomain.htm' Cross Site Scripting Weakness windows Tavis Ormandy
2010-04-09 - Verified Java Deployment Toolkit Performs Insufficient Validation of Parameters windows Tavis Ormandy
2010-02-09 - Verified Microsoft Windows XP/VISTA/2000/2003 Double Free Memory Corruption Local Privilege Escalation Vulnerability windows Tavis Ormandy
2010-01-19 - Verified Windows NT - User Mode to Ring 0 Escalation Vulnerability windows Tavis Ormandy
2009-12-16 - Verified Linux Kernel 2.6.x 'fasync_helper()' Local Privilege Escalation Vulnerability linux Tavis Ormandy
2009-09-16 - Verified NetBSD <= 5.0.1 'IRET' General Protection Fault Handling Local Privilege Escalation Vulnerability bsd Tavis Ormandy
2008-04-28 - Verified LibTiff 3.x Double Free Memory Corruption Vulnerability linux Tavis Ormandy
2007-05-31 - Verified Bochs 2.3 - Buffer Overflow and Denial of Service Vulnerabilities linux Tavis Ormandy
2006-09-27 - Verified OpenSSH <= 4.3 p1 (Duplicated Block) Remote Denial of Service Exploit multiple Tavis Ormandy