SECURETARGET

Category: Vulnerabilities

  • 5 Signs Your Code is Insecure

    If you believe a final penetration test is the gatekeeper of your security, you are already behind. Security is not an event that happens at the end of a sprint; it is an architectural decision made at the first line of code. If your process lacks a framework before the test, your “secure” code is…

  • Why You Keep Going Down the Security Rabbit Hole and Still Aren’t Secure

    One of the most frustrating things I have observed throughout my career is the number of organizations that continue spending more money, hiring more security people, deploying more security products, attending more security conferences, obtaining more certifications, and yet somehow remain just as vulnerable as they were years ago. In many cases they are actually…

  • Microsoft Windows Huge Text Processing Instability

    SECURE TARGET (Security Advisory October 17, 2004) Topic: Microsoft Windows Huge Text Processing Instability Discovery Date: October 14, 2004Original Advisory External Links: VULDB, Full-Disclosure, BugTraq, SICHERHEITSLüCKEN, Addict3d, Ls, Der Keiler, Seifried, NetSys, Mail Archive, SecLists, Neohapsis, Checksum, Network Security, Virus, DoddsNet, ReadList, Mega Security, Security Trap, Virovvch, DevArchives Affected applications and platforms: Notepad, NotePad2 and…

  • PerfectNav Crashes IE

    Secure Target Network (Security Advisory February 25, 2004) Topic: PerfectNav Crashes IE Discovery Date: February 24, 2004 Original Advisory External: Full-Disclosure, BugTraq, Security Tracker, xforce, SANS Affected applications and platforms: Microsoft Internet Explorer 6 Service Pack 1 and older versions Introduction: PerfectNav is designed to redirect your URL typing errors to PerfectNav’s web page. Bundled…

  • New IE Thread crashes by WU

    Secure Target Network (Security Advisory December 31, 2003) Topic: New IE Thread crashes by WU Discovery Date: December 30, 2003 Original Advisory External: Full-Disclosure Affected applications and platforms: Microsoft Internet Explorer 6 Service Pack 1 Introduction: Any time you open your Windows Update (WU / wupdmgr.exe) and go to “Scan for Updates”; it takes a…

  • Microsoft Outlook PST Exposure

    Secure Target Network (Security Advisory August 31, 2003) Topic: Microsoft Outlook PST Exposure Discovery Date: August 28, 2003 Original Advisory External: Zone-h, Security Tracker, openwall, Full-Disclosure Affected applications and platforms: All versions of Outlook on any Windows platform Introduction: everyone work with .pst files, storing and managing his/her Outlook Data transparently under Microsoft Outlook. A…

  • Recycle Bin Unavailability of Service

    Secure Target Network (Security Advisory July 24, 2003) Topic: Recycle Bin Unavailability of Service Discovery Date: July 24, 2003Original Advisory External: VulnDiscuss, List, openwall —–BEGIN PGP SIGNED MESSAGE—– Hash: SHA1 Secure Target Network (Security Advisory August 04, 2003) Topic: Recycle Bin Unavailability of Service Discovery date: July 24, 2003 Affected applications and platforms: Windows XP…

  • OE DBX Exposure

    Secure Target Network (Security Advisory October 27, 2002) Topic: OE DBX Exposure Discovery date: October 02, 2002 Discovered by: Kaveh Mofidi External: Security Tracker, Bugtraq, Secunia Affected applications and platforms: All versions of Outlook Express on any Windows platform Introduction You already worked with .dbx files, storing and managing your messages under OE. A default…

  • New Vulnerability Disclosure Policy

    Effective today March 20, 2002, SECURE TARGET will be following a new policy in regards to the disclosure of vulnerability information: All vulnerabilities discovered by SECURE TARGET or any member of the entity including myself shall will be kept private during discovery and even after initial submission to vendors, unless otherwise explicitly considered harmless with…