Nicolas Grégoire (@Agarri_FR)

Title	Vulnerabilities	Programs	Authors
Deserialization in Perl v5.8	Insecure Deserialization RCE	Undisclosed	Nicolas Grégoire (@Agarri_FR)
AMF parsing and XXE	XXE	BlazeDS PyAMF	Nicolas Grégoire (@Agarri_FR)
Bypassing blacklists based on IPy	IP Address Validation Bypass	Prezi Autocracy (Python-Ipy)	Nicolas Grégoire (@Agarri_FR)
Trying to hack Redis via HTTP requests	SSRF CRLF Injection RCE	Meta / Facebook	Nicolas Grégoire (@Agarri_FR)
Compromising an unreachable Solr server with CVE-2013-6397	XXE Path Traversal XSLT Injection RCE	Apache Solr	Nicolas Grégoire (@Agarri_FR)
Mutation-based fuzzing of XSLT engines	Memory Corruption Fuzzing Heap Buffer Overflow Use-After-Free NULL Pointer Dereference Out-of-Bounds Read	Intel Mozilla (Firefox) Adobe (Reader) Libxslt Microsoft (MSXML) Google (Chrome & Chromium)	Nicolas Grégoire (@Agarri_FR)
All your PostgreSQL databases are belong to us	XXE Privilege Escalation	PostgreSQL Libxslt	Nicolas Grégoire (@Agarri_FR)
SVG files and Java code execution	Arbitrary Code Execution	Apache Batik	Nicolas Grégoire (@Agarri_FR)
Compromising HP SAN appliances	Hardcoded Credentials Reverse Engineering Buffer Overflow	HP	Nicolas Grégoire (@Agarri_FR)

Page 1 of 1