Advisories

Advisory

CA Single Sign-On Unspecified High-Risk Vulnerabilities Advisory

Mar 23, 2016

Two high-risk vulnerabilities were discovered in CA Technologies Single Sign-On (formerly CA SiteMinder®) application. A denial-of-service attack and ...

By Mike Brooks

Advisory

Adobe ColdFusion Reflected Cross-Site Scripting Flaw

Aug 27, 2015

A reflected cross-site scripting vulnerability was found in the post-authentication administrative panel for ColdFusion, an Adobe web application development platform.

By Shubham Shah

Advisory

NoScript Bypass

Jul 6, 2015

This Bishop Fox security advisory describes a vulnerability identified by researcher Matt Bryant in NoScript.

By Matt Bryant

Advisory

LastPass Site Password-Stealing Clickjacking Vulnerability

Jul 1, 2015

This Bishop Fox security advisory describes vulnerabilities identified within the LastPass application.

By Matt Bryant

Advisory

AirDroid Web Application Authentication Flaw

Apr 15, 2015

This technical write-up details an AirDroid vulnerability discovered by former Bishop Fox researcher Matt Bryant.

By Matt Bryant

Advisory

Oracle WebLogic Node Manager allows arbitrary configuration via UNC path

Oct 12, 2010

Oracle WebLogic Node Manager 10.3.3 and earlier versions contain a remote file inclusion vulnerability that could allow a remote attacker to execute arbitrary commands on an affected system.

By Carl Livitt

Advisory

PGP Desktop Wipe Free Space Flaw

Dec 8, 2005

This Bishop Fox security advisory details a vulnerability Vincent Liu found in PGP Desktop. The vulnerability was presented at Black Hat 2005.

By Vinnie Liu

Advisory

Windows File Time Stamp Display Flaw

Dec 7, 2005

This security advisory details a vulnerability Vincent Liu identified in 2005.

By Vinnie Liu