Yaniv Miron
Security Researcher.
lament [AT] ilhack [DOT] org

Advisories



2011

MS11-006 shimgvw.dll CreateSizedDIBSECTION Buffer Overflow Vulnerability
Was held as a 0-day for a long time before publication
http://www.microsoft.com/technet/security/bulletin/ms11-006.mspx
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=890
YML Advisory #0012


2010

agXchange ESM 'ucquerydetails.jsp' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/38896
YML Advisory #0011

IBM Lotus Notes 'names.nsf' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/38880
YML Advisory #0010

agXchange ESM 'ucschcancelproc.jsp' Open Redirection Vulnerability
http://www.securityfocus.com/bid/38879
YML Advisory #0009

IBM Lotus Notes 'names.nsf' Open Redirection Vulnerability
http://www.securityfocus.com/bid/38852
YML Advisory #0008

Friendly Technologies TR-069 ACS Login SQL Injection Vulnerability
http://www.securityfocus.com/bid/38634
http://www.exploit-db.com/exploits/11677
YML Advisory #0007

IBM ENOVIA SmarTeam v5 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/38612
YML Advisory #0006

Sparta Systems TrackWise EQMS Multiple Cross-Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/38483
YML Advisory #0005

MarketGate Package for Eshbel Priority ERP 'Referer' Parameter Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/38480
YML Advisory #0004

Oracle Siebel 'loyalty_enu/start.swe' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/38456
http://www.oracle.com/technetwork/topics/security/cpuoct2010-175626.html
YML Advisory #0003

ARISg 'wflogin.jsp' Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/38441
YML Advisory #0002


2008

Apache HTTP Server 403 Error Cross-Site Scripting Vulnerability / Microsoft Internet Explorer UTF-7 HTTP Response Handling Weakness
http://www.securityfocus.com/bid/29112
YML Advisory #0001