CERT

Vulnerability Analysis Blog


Recently in Research Category

Release of Dranzer ActiveX Fuzzing Tool

By Will Dormann on April 16, 2009 11:50 AM | Permalink

Hi, it's Will. As previously mentioned, we have been investigating and discovering ActiveX vulnerabilities over the past few years. Today we released the Dranzer tool that we have developed to test ActiveX controls.


Continue reading Release of Dranzer ActiveX Fuzzing Tool
Categories:  Discovery, Research, Web

Conficker.C: How many are there?

By Sidney Faber on March 31, 2009 6:10 PM | Permalink

Hello, Sid Faber from the Network Situational Awareness group at CERT. Like just about everyone else, we've been following the Conficker worm for a while and thought some updated stats on the Conficker.C variant might be useful.


Continue reading Conficker.C: How many are there?
Categories:  Analysis, Research

Windows Installer Application Resiliency

By Will Dormann on March 13, 2009 1:46 PM | Permalink

Hi, it's Will again. Recently, I was investigating the effectiveness of the workarounds for the Adobe Reader JBIG2 vulnerability, and I encountered an unexpected situation. In certain situations, the application resiliency feature of Windows Installer can actually undo some of the steps taken to mitigate a vulnerability.


Continue reading Windows Installer Application Resiliency
Categories:  Analysis, Research

« Discovery | Main Index | Archives | Web »

Recent Entries

Categories

Search this Blog

Related Links

Subscribe

Feedback

Send us feedback.
The content on this site is made available on an "as is" basis without any warranties and solely for your personal viewing. Carnegie Mellon University is not liable for any consequences arising out of your use of such materials.