Home Blog Page 8

Adobe Universal XSS

Discussion In September pdp and I did some really fun work involving backdooring PDF files. It opened alot of eyes and some back accounts in...

Cross Context Scripting with Sage

Update: http://michaeldaw.org/md-hacks/rss-injection-in-sage-part-2/ I would often keep abreast of new vulnerabilities and exploits via my RSS feeds. Visiting page after page was just never fun. RSS allowed...

RSS Injection in Sage part 2

2 months ago, both pdp any myself released a vulnerability Cross Context Scripting in Sage. This issue was resolved in Sage release 1.3.7 (see:...

Adobe Universal XSS Just Got Worse

Some had a good nights sleep last night. Generally it will be those who heeded our suggestions given last year September with Backdooring PDF...

Backdooring PDF Files

Updates: 20/09/07 PDPs PDF URI Parsing Vulnerability 04/01/06 New PDF Vulnerability Recently, there has been alot of hype involving backdooring various web technologies. pdp (arcitect)...