Disclosures

Zero-day and N-day security vulnerability notes, analysis, and proof-of-concepts

URL: https://github.com/badd1e/Disclosures

List

CVE-2009-2629: nginx http module Buffer Underflow Remote Code Execution Vulnerability
Patch analysis, testcase, notes

CVE-2013-0007: Microsoft XML Core Services 4-6 Use-after-free Vulnerability Vulnerability analysis, proof-of-concept exploit
Phrack paper

CVE-2014-4060: Microsoft Windows Media Center CSyncBasePlayer Use-After-Free Remote Code Execution Vulnerability
Analysis, testcase

CVE-2014-XXXX: Schneider Electric InduSoft Web Access Memory Corruption Vulnerability (multiple) Testcases, analysis
Part of a winning competition entry: Hack the smart city 2014

CVE-2014-XXXX: Microsoft Office Word 2010 Memory Corruption Vulnerability
Testcases, notes

CVE-2015-2515: Windows Shell Use-after-free Remote Code Execution Vulnerability
Testcases

CVE-2016-0143: Microsoft Win32k Elevation of Privilege Vulnerability
Vulnerability root cause analysis

CVE-2016-0171: Microsoft Win32k Elevation of Privilege Vulnerability
Vulnerability root cause analysis

CVE-2017-XXXX: Jscript9 Type Confusion Remote Code Execution Vulnerability
Testcase

CVE-2017-FFFF: Windows Defender Javascript Use-after-free Vulnerability
Testcase

CVE-2018-0893: Microsoft Edge Type Confusion Vulnerability
Testcase, analysis, proof-of-concept exploit

CVE-2018-16845: nginx module mp4 Out Of Bounds Read Information Disclosure Vulnerability
TBD

CVE-2018-5144: Firefox ESR and Thunderbird Integer Overflow Remote Code Execution Vulnerability
Theoretical analysis

CVE-2018-5178: Firefox ESR and Thunderbird Buffer Overflow Remote Code Execution Vulnerability
Theoretical analysis

CVE-2018-6981: VMWare ESXi and Workstation Uninitialized Variable RCE
Patch analysis, testcase

CVE-2018-FFFF: Chromium ANGLE Uninitialized Variable RCE
Theoretical analysis

CVE-2018-XXXX: VirtualBox 3D Virtualization Memory Corruption Elevation of Privilege Vulnerability (multiple)
Analysis

CVE-2019-0717: Hyper-V vmswitch.sys Out of Bounds Read Vulnerability
Proof-of-concept testcase

CVE-2019-FFFF: nginx module njs Heap Buffer Overflow Vulnerability (multiple)
TBD

Legend

CVE.*XXXX: the CVE was assigned, but I don't know it
CVE.*FFFF: the CVE ID was never assigned

Credits

All vulns here were found and proof-of-concept exploits developed by Alisa Esage, unless stated otherwise.
My trainings and mini-classes: Zero Day Engineering.
Twitter: @alisaesage.

Name		Name	Last commit message	Last commit date
Latest commit History 10 Commits
CVE-2009-2629_nginx_http		CVE-2009-2629_nginx_http
CVE-2013-0007_MSXML6		CVE-2013-0007_MSXML6
CVE-2014-4060_Windows_Media_Player		CVE-2014-4060_Windows_Media_Player
CVE-2014-XXXX_InduSoft_SchneiderElectric		CVE-2014-XXXX_InduSoft_SchneiderElectric
CVE-2015-2515_Windows_Shell		CVE-2015-2515_Windows_Shell
CVE-2015-XXXX_MSOffice_Word		CVE-2015-XXXX_MSOffice_Word
CVE-2016-0143_win32k		CVE-2016-0143_win32k
CVE-2016-0171_win32k		CVE-2016-0171_win32k
CVE-2017-XXXX_Jscript9_IE		CVE-2017-XXXX_Jscript9_IE
CVE-2017-XXXX_WindowsDefender		CVE-2017-XXXX_WindowsDefender
CVE-2018-0893_MSEdge		CVE-2018-0893_MSEdge
CVE-2018-16845_nginx_mp4		CVE-2018-16845_nginx_mp4
CVE-2018-5144_Firefox_Thunderbird		CVE-2018-5144_Firefox_Thunderbird
CVE-2018-5178_Firefox_Thunderbird		CVE-2018-5178_Firefox_Thunderbird
CVE-2018-6981_VMWare_ESXi		CVE-2018-6981_VMWare_ESXi
CVE-2018-FFFF_Chrome		CVE-2018-FFFF_Chrome
CVE-2018-XXXX_VirtualBox		CVE-2018-XXXX_VirtualBox
CVE-2019-0717_Hyper-V		CVE-2019-0717_Hyper-V
CVE-2019-FFFF_nginx_njs		CVE-2019-FFFF_nginx_njs
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

Disclosures

List

Legend

Credits

About

Releases

Packages

Languages

alisaesage/Disclosures

Folders and files

Latest commit

History

Repository files navigation

Disclosures

List

Legend

Credits

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages