BlackBerry PlayBook Security - Part One: 01/08/2011

CVE-2009-3830: SharePoint 2007 source code disclosure.

CVE-2008-????: Multiple vulns in an Oracle application. I am working with Oracle to address these issues. A CVE number has not been assigned yet.

CVE-2008-1606: Multiple directory traversal vulnerabilities in Elastic Path resulting in arbitrary file upload, file download and file system browsing.

CVE-2007-6587: Blind SQL injection vulnerability in plog-rss.php in Plogger.




this is my life


After several years in the security industry working as a consultant, I have started a new business:

Security Roots Ltd

We build tools to help security consultancies to work more efficiently.

Find out more: securityroots.com

since Jul'08 - with the usefulfor.com team

usefulfor: sharing useful tips

How many things have you learned and forgotten? How many things have you researched but are now lost forever because you didn't have anywhere to publish them? How much cool stuff have you done that is left out of your CV because there is not enough space? What are you waiting for to do something about it?

Do something useful for yourself and publish it; others can find your stuff useful too.

since Jul'08 - with the usefulfor.com team

miniconomics: your expenses under control

miniconomics is an easy-to-use tool designed to manage your personal expenses. The goals of the project: ease of use, versatility and security.

since May'08 - with Juan C.

Dradis Framework: structure and share your findings

Dradis is an open source framework that can be used to structure and share information. Ideal for security researchers and consultants. It has been downloaded over 14,000 times.

since Jun'07 - with the dradis community at sf

etd's dos and dont's: personal blog

It started as a personal notebook of tips and tricks for the daily use of Linux. Then I started posting on general sysadmin, Ruby programming, and security testing and research. etd's dos and dont's has been superseded by usefulfor.com.

Sep'05 to Jul'08