Hello, I'm Tobias Klein.
Occasional finder of 0days and published book author
Books* I've Written.
* on information security-related topics 🔐
Buffer Overflows und Format-String-Schwachstellen
Funktionsweisen, Exploits und Gegenmaßnahmen
dpunkt.verlag, 2004
Vulnerabilities I've Published.
🧪 The following is a list of the vulnerabilities I’ve discovered that have been publicly disclosed.
Microsoft Windows win32kfull Pool-based Buffer Overflow
Details: TKADV2024-001 | CVE-2024-30091 | Vendor Advisory
ISC BIND Logic Error (TSIG Remote Denial of Service)
Details: TKADV2020-002 | CVE-2020-8617 | Vendor Advisories: 1, 2
ISC BIND Logic Error (DNS Rebinding Protection Bypass)
Details: TKADV2020-001 | Vendor Advisories: 1, 2, 3
Google Chrome Signed Integer Overflow
Details: TKADV2018-001 | CVE-2018-6034 | Vendor Advisory
Google Chrome Heap Buffer Overflow
Details: TKADV2017-003 | CVE-2017-5112 | Vendor Advisory
Google Chrome Use of Uninitialized Memory
Details: TKADV2017-002 | CVE-2017-5117 | Vendor Advisory
Mozilla Firefox and Thunderbird OOB Array Access
Details: TKADV2017-001 | CVE-2017-7754 | Vendor Advisories: 1, 2, 3
Apple Mac OS X QuickDraw Manager Buffer Overflow
Details: TKADV2013-003 | CVE-2013-0975 | Vendor Advisory
Adobe Reader and Acrobat Integer Overflow
Details: TKADV2013-002 | CVE-2013-2727 | Vendor Advisory
Apple Mac OS X PDF Ink Annotations Use-After-Free
Details: TKADV2013-001 | CVE-2013-0971 | Vendor Advisory
Apple iOS OfficeImport Buffer Overflow
Details: TKADV2011-004 | CVE-2011-3260 | Vendor Advisory
Apple iOS OfficeImport Double Free
Details: TKADV2011-003 | CVE-2011-3261 | Vendor Advisory
Apple iOS & OS X OfficeImport Use of Uninitialized Memory
Details: TKADV2011-002 | CVE-2011-0208 | Vendor Advisories: 1, 2
Apple iOS & OS X OfficeImport Memory Corruption
Details: TKADV2011-001 | CVE-2011-0184 | Vendor Advisories: 1, 2
Apple iOS & OS X OfficeImport Memory Corruption
Details: TKADV2010-006 | CVE-2010-3786 | Vendor Advisories: 1, 2, 3, 4
Oracle Solaris Zones Denial of Service
Details: TKADV2010-005 | CVE-2010-2393 | Vendor Advisory
Google Chrome OOB Array Access
Details: TKADV2010-004
Avast Kernel Driver Memory Corruption
Details: TKADV2010-003 | CVE-2010-0705
Apple iPhone OS & OS X CoreAudio Stack Buffer Overflow
Details: TKADV2010-002 | CVE-2010-0036 | Vendor Advisories: 1, 2
Oracle Solaris Kernel NULL Pointer Dereference
Details: TKADV2010-001 | CVE-2010-0453 | Vendor Advisory
Apple iPhone OS AudioCodecs Heap Buffer Overflow
Details: TKADV2009-007 | CVE-2009-2206 | Vendor Advisory
Winamp (libsndfile) Heap Buffer Overflow
Details: TKADV2009-006 | CVE-2009-1788
xine-lib Quicktime STTS Atom Integer Overflow
Details: TKADV2009-005 | CVE-2009-1274
FFmpeg Type Conversion Vulnerability
Details: TKADV2009-004 | CVE-2009-0385
GStreamer Heap Overflow and OOB Array Access
Details: TKADV2009-003 | CVE-2009-0386, CVE-2009-0387, CVE-2009-0397
Amarok Integer Overflow and Unchecked Allocations
Details: TKADV2009-002 | CVE-2009-0135, CVE-2009-0136
Sun Solaris Kernel Integer Overflow
Details: TKADV2009-001 | CVE-2009-0132 | Vendor Advisory
Sun Solaris Kernel NULL Pointer Dereference
Details: TKADV2008-015 | CVE-2008-5689 | Vendor Advisory
MPlayer Stack Buffer Overflow
Details: TKADV2008-014 | CVE-2008-5616
VLC media player Integer Overflow
Details: TKADV2008-013 | CVE-2008-5276 | Vendor Advisory
VLC media player Stack Buffer Overflow
Details: TKADV2008-012 | CVE-2008-5032 | Vendor Advisory
VLC media player Stack Buffer Overflow
Details: TKADV2008-011 | CVE-2008-5036 | Vendor Advisory
VLC media player Stack Buffer Overflow
Details: TKADV2008-010 | CVE-2008-4654 | Vendor Advisory
WebEx Meeting Manager Stack Buffer Overflow
Details: TKADV2008-009 | CVE-2008-3558
G DATA Kernel Driver Memory Corruption
Details: TKADV2008-008
Linux Kernel Info Disclosure and NULL Pointer Dereferences
Details: TKADV2008-007 | CVE-2008-3792
CA HIPS Kernel Driver Memory Corruption
Details: TKADV2008-006 | CVE-2008-2926
Linux Kernel Information Disclosure
Details: TKADV2008-005 | CVE-2008-3272 | Vendor Advisory
Kaspersky Kernel Driver Stack Buffer Overflow
Details: TKADV2008-004 | CVE-2008-1518
Sun Solaris Kernel Integer Overflow
Details: TKADV2008-003 | CVE-2008-2710 | Vendor Advisory
Avast Kernel Driver Memory Corruption
Details: TKADV2008-002 | CVE-2008-1625
Panda Kernel Driver Memory Corruption
Details: TKADV2008-001 | CVE-2008-1471
Mac OS X Kernel Memory Corruption
Details: TKADV2007-001 | CVE-2007-4686 | Vendor Advisory
Apple QuickTime Heap Buffer Overflow
Details: TKADV2007-002 | CVE-2007-3750 | Vendor Advisory
Mac OS X Kernel Stack Buffer Overflow
Details: TKADV2007-003 | CVE-2007-4267 | Vendor Advisory
Check Point VPN-1 Kernel Driver Memory Corruption
Details: TKADV2007-005
MyBB SQL Injection
Details: TKADV2005-12-001 | CVE-2005-4200 | Pre-notification
phpMyFAQ Cross Site Scripting
Details: TKADV2005-11-004 | CVE-2005-3734
Mantis SQL Injection and Cross Site Scripting
Details: TKADV2005-11-002 | CVE-2005-4518, CVE-2005-4519, CVE-2005-4520, CVE-2005-4521, CVE-2005-4522, CVE-2005-4523, CVE-2005-4524
PHPlist SQL Injection, Path Traversal, and XSS
Details: TKADV2005-11-001 | CVE-2005-3555, CVE-2005-3556, CVE-2005-3557
phpMyAdmin Cross Site Scripting
Details: TKADV2005-10-001 | CVE-2005-3301
Tools I've Developed.
Currently unmaintained and only kept here for historical reasons 🤷‍♂️
A little tool for quickly surveying the mitigation technologies in use by processes on a Linux system. The script also lists the status of various Linux kernel protection mechanisms.
Latest Version: v1.5 from 2011
Articles I've Written.
Below is a selection of articles I have published online .. 💎
All Your Private Keys are Belong to Us
How to Find and Extract RSA Private Keys and Certificates Hidden in Large Amounts of Data
Last updated on December 6, 2020
.. and in print ..