Bugweek

The Bugweek is a research activity wherein the security professionals in the company, from developers to exploit writers and QA analysts, dedicate an entire week to bug hunting. It is part of our Security Vulnerability Research project. Prior to the Bugweek, employees are invited to workshops about source code audit, fuzzing and webapps security (among other topics) to prepare for what lies ahead.

The results of the Bugweek are:

• Developers learn about security problems, and gain a better understanding of where they can be found (and introduced!).
• Developers test and improve their products, or the tools that they use.
• Advisories are published about the security issues that were found.
• Findings contribute to the larger security community.

See below publications related to Bugweek and a list of vulnerabilities discovered during the last Bugweeks.

Advisories

• IBM WebSphere Application Server Cross-Site Request Forgery
  • Authors: Francisco Falcon
  • Date published: 2011-06-15
• Cisco WebEx .atp and .wrf Overflow Vulnerabilities
  • Authors: Federico Muttis, Sebastián Tello and Manuel Muradas
  • Date published: 2011-01-31
• XSS Vulnerability in NextGEN Gallery Wordpress Plugin
  • Authors: Alejandro Rodriguez
  • Date published: 2010-04-06
• Windows Movie Maker and Microsoft Producer IsValidWMToolsStream() Heap Overflow
  • Authors: Damian Frizza
  • Date published: 2010-03-09
• Microsoft Office Excel DbOrParamQry Record Parsing Vulnerability
  • Authors: Damian Frizza
  • Date published: 2010-03-09
• Luxology Modo 401 .LXO Integer Overflow(view)
  • Authors: Diego Juarez and Nadia Rodríguez
  • Date published: 2010-03-02
• >Microsoft Office Excel / Word OfficeArtSpgr Container Pointer Overwrite Vulnerability
  • Authors: Damián Frizza
  • Date published: 2010-02-09
• Corel Paint Shop Pro Photo X2 FPX Heap Overflow
  • Authors: Francisco Falcon
  • Date published: 2010-02-01
• Google SketchUp 'lib3ds' 3DS Importer Memory Corruption)
  • Authors: Francisco Falcon
  • Date published: 2010-01-13
• Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution System
  • Authors: Pablo Annetta and Pedro Varangot
  • Date published: 2009-12-09
• DAZ Studio Arbitrary Command Execution
  • Authors: Diego Juarez
  • Date published: 2009-12-02
• Autodesk 3DS Max Application Callbacks Arbitrary Command Execution
  • Authors: Sebastián Tello
  • Date published: 2009-11-23
• Autodesk Maya Script Nodes Arbitrary Command Execution
  • Authors: Diego Juarez
  • Date published: 2009-11-23
• Autodesk SoftImage Scene TOC Arbitrary Command Execution
  • Authors: Diego Juarez, Fernando Arnaboldi and Federico Charosky
  • Date published: 2009-11-23
• HP Openview NNM 7.53 Invalid DB Error Code vulnerability
  • Authors: Damián Frizza
  • Date published: 2009-11-17
• Blender .blend Project Arbitrary Command Execution
  • Authors: Diego Juarez and Sebastián Tello
  • Date published: 2009-11-05
• Jetty Persistent XSS in Sample Cookies Application
  • Authors: Aureliano Calvo
  • Date published: 2009-10-06
• Hyperic HQ Multiple XSS
  • Authors: Gastón Rey and Pablo Carballo
  • Date published: 2009-10-02
• Dnsmasq Heap Overflow and Null-pointer Dereference on TFTP Server
  • Authors: Pablo Jorge and Alberto Solino
  • Date published: 2009-08-31
• Multiple vulnerabilities in iCal
  • Authors: Rodrigo Carvalho, Ricardo Narvaja
  • Date published: 2008-05-21
• Insufficient argument validation of hooked SSDT functions on multiple Antivirus and Firewalls
  • Authors: Damian Saura, Anibal Sacco, Dario Menichelli, Norberto Kueffner, Andres Blanco, Rodrigo Carvalho
  • Date published: 2008-04-28
• SILC pkcs_decode buffer overflow
  • Authors: Ariel Waissbein, Pedro Varangot, Martin Mizrahi, Oren Isacson, Carlos Garcia, Ivan Arce
  • Date published: 2008-03-25
• Leopard Server Remote Path Traversal
  • Authors: Rodrigo Carvalho
  • Date published: 2008-03-18
• Multiple vulnerabilities in Google's Android SDK
  • Authors: Alfredo Ortega
  • Date published: 2008-03-04
• MPlayer 1.0rc2 buffer overflow vulnerability
  • Authors: Damian Frizza, Alfredo Ortega
  • Date published: 2008-02-04
• MPlayer arbitrary pointer dereference
  • Authors: Felipe Manzano, Anibal Sacco
  • Date published: 2008-02-04