CVE-2011-1260 | MS11-050
- Internet Explorer CObjectElement Use After Free
- independently discovered and exploited
- blog post: Insecticides don't kill bugs, Patch Tuesdays do
- metasploit module: /modules/exploits/windows/browser/ms11_050_mshtml_cobjectelement.rb
CVE-2010-3971 | MS11-003
- Internet Explorer Recursive CSS Import
- first public exploit: "When A DoS Isn't A DoS" (BreakingPoint blog)
CVE-2010-2746 | MS10-081
- Windows Common Control Library (Comctl32) Heap Overflow
- reversed patch, exploited
- patch analysis/exploit: "From Patch to Proof-of-Concept: MS10-081" (BreakingPoint blog)
Wireshark Bug 5375
- Buffer overflow when handling SNMP users preferences
- found, reported, exploited
- wireshark bug 5375
- exploit: Exploit-Dev Practice or Why You Shouldn't Copy-Paste
CVE-2010-4300
- LDSS dissector heap-based buffer overflow
- found and reported
- wireshark bug 5318
CVE-2010-1205
- libpng extra row memory corruption
- independently found using Funder
- vuln analysis: libpng extra row (CVE-2010-1205)
