Cody Pierce on the Future of Exploit Development

Mike Mimoso talks to Cody Pierce, director of vulnerability research and prevention with Endgame, at RSA Conference 2017 about how attackers are changing their techniques in the face of mitigations and continuing to base exploits around legitimate APIs and functions to thwart detection. Download:...

TPTI-10-04: Oracle Secure Backup Scheduler Service Remote Code Execution Vulnerability

TPTI-10-04: Oracle Secure Backup Scheduler Service Remote Code Execution Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-10-04 -- CVE ID: CVE-2010-0898 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Oracle -- Affected Products: Oracle Secure Backup -- TippingPointTM IPS...

TPTI-09-07: Microsoft Windows License Logging Service Heap Corruption Vulnerability

TPTI-09-07: Microsoft Windows License Logging Service Heap Corruption Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-09-07 November 10, 2009 -- CVE ID: CVE-2009-2523 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Windows 2000 -- TippingPointTM IPS Customer Protection:...

TPTI-09-06: Microsoft Windows Workstation Service NetrGetJoinInformation Heap Corruption Vulnerability

TPTI-09-06: Microsoft Windows Workstation Service NetrGetJoinInformation Heap Corruption Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-09-06 August 11, 2009 -- CVE ID: CVE-2009-1544 -- Affected Vendors: Microsoft -- Affected Products: Microsoft Windows Server 2008 Microsoft Windows...

TPTI-08-05: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability

TPTI-08-05: CA ETrust Secure Content Manager Gateway FTP LIST Stack Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-08-05 June 4, 2008 -- CVE ID: CVE-2008-2541 -- Affected Vendors: Computer Associates -- Affected Products: Computer Associates eTrust Secure Content Manager --...

TPTI-08-02: Cisco Call Manager CTLProvider Heap Overflow Vulnerability

TPTI-08-02: Cisco Call Manager CTLProvider Heap Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-08-02 January 16, 2008 -- CVE ID: CVE-2008-0027 -- Affected Vendor: Cisco -- Affected Products: Cisco Call Manager 4.13 -- Vulnerability Details: This vulnerability allows remote...

TPTI-07-20: Apple Quicktime Movie Stack Overflow Vulnerability

TPTI-07-20: Apple Quicktime Movie Stack Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-07-20 November 12, 2007 -- CVE ID: CVE-2007-4674 -- Affected Vendor: Apple -- Affected Products: QuickTime 7.2 -- Vulnerability Details: This vulnerability allows attackers to execute...

[Full-disclosure] TSRT-06-09: Microsoft DirectAnimation COM Object Memory Corruption Vulnerability

TSRT-06-09: Microsoft DirectAnimation COM Object Memory Corruption Vulnerability http://www.tippingpoint.com/security/advisories/TSRT-06-09.html August 8, 2006 -- CVE ID: CVE-2006-3638 -- Affected Vendor: Microsoft -- Affected Products: Internet Explorer 6 All Versions Internet Explorer 5 SP4 --...

[Full-disclosure] TSRT-06-03: eIQnetworks Enterprise Security Analyzer Syslog Server Buffer Overflow Vulnerabilities

TSRT-06-03: eIQnetworks Enterprise Security Analyzer Syslog Server Buffer Overflow Vulnerabilities http://www.zerodayinitiative.com/advisories/TSRT-06-03.html July 25, 2006 -- CVE ID: CVE-2006-3838 -- Affected Vendor: eIQnetworks -- Affected Products: eIQnetworks Enterprise Security Analyzer Asta...