RSS

Exploits by Tavis Ormandy

Date D A V Description Plat. Author
2013-06-03 - Verified Windows NT - Windows 8 EPATHOBJ Local Ring 0 Exploit 19887 windows Tavis Ormandy
2013-05-21 - Verified win32k!EPATHOBJ::pprFlattenRec Uninitialized Next Pointer Testcase 9924 windows Tavis Ormandy
2012-11-05 - Verified Sophos Products - Multiple Vulnerabilities 3059 multiple Tavis Ormandy
2012-11-05 - Verified Sophail: Applied attacks against Sophos Antivirus 910 multiple Tavis Ormandy
2012-04-19 - Verified OpenSSL ASN1 BIO Memory Corruption Vulnerability 3340 multiple Tavis Ormandy
2011-04-01 - Verified IPComp encapsulation pre-auth kernel memory corruption 1192 bsd Tavis Ormandy
2011-02-23 - Verified Red Hat Linux stickiness of /tmp 2132 linux Tavis Ormandy
2010-11-26 - Verified systemtap - Local Root Privilege Escalation Vulnerability 13329 linux Tavis Ormandy
2010-10-22 - Verified GNU C library dynamic linker LD_AUDIT arbitrary DSO load Vulnerability 10865 linux Tavis Ormandy
2010-10-18 - Verified GNU C library dynamic linker $ORIGIN expansion Vulnerability 12584 linux Tavis Ormandy
2010-08-17 - Verified Microsoft Windows nt!NtCreateThread Race Condition with Invalid Code Segment (MS10-047) 3185 windows Tavis Ormandy
2010-08-17 - Verified Microsoft Windows KTM Invalid Free with Reused Transaction GUID (MS10-047) 1710 windows Tavis Ormandy
2010-08-17 - Verified Microsoft Windows win32k!xxxRealDrawMenuItem() Missing HBITMAP Bounds Checks 2323 windows Tavis Ormandy
2010-08-17 - Verified Microsoft Windows win32k!GreStretchBltInternal() Does Not Handle src == dest 2056 windows Tavis Ormandy
2010-08-17 - Verified Microsoft Windows nt!SeObjectCreateSaclAccessBits() Missed ACE Bounds Checks (MS10-047) 2458 windows Tavis Ormandy
2010-06-10 - Verified Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly 8000 windows Tavis Ormandy
2010-04-09 - Verified Java Deployment Toolkit Performs Insufficient Validation of Parameters 2977 windows Tavis Ormandy
2010-01-19 - Verified Windows NT User Mode to Ring 0 Escalation Vulnerability 8829 windows Tavis Ormandy
2008-04-28 - Verified LibTiff 3.x Double Free Memory Corruption Vulnerability 79 linux Tavis Ormandy
2007-05-31 - Verified Bochs 2.3 - Buffer Overflow and Denial of Service Vulnerabilities 47 linux Tavis Ormandy
2006-09-27 - Verified OpenSSH <= 4.3 p1 (Duplicated Block) Remote Denial of Service Exploit 10242 multiple Tavis Ormandy
2006-08-17 - Verified GNU BinUtils 2.1x GAS Buffer Overflow Vulnerability 75 linux Tavis Ormandy
2006-04-28 - Verified LibTiff 3.x Multiple Denial of Service Vulnerabilities 72 linux Tavis Ormandy
2006-04-28 - Verified LibTiff 3.x TIFFFetchData Integer Overflow Vulnerability 84 linux Tavis Ormandy