Affiliation/Organization: Corelan Team

Time to Patch Stats

For vulnerabilities disclosed through this affiliation where we have sufficient data to calculate the time to patch (29 vulns), the following statistics apply:

Min Time To Patch:1 days
Avg Time To Patch:29 days
Max Time To Patch:183 days

Other Affiliations

Creditees Affiliated with Corelan Team have also affiliated with:

Metasploit (1) (1)
Virtual Guardian (1)


Creditees currently or formerly associated with Corelan Team (17):
(ordered by association date)

Known SinceNameVulns Through Affiliation
2010-01-09Sébastien Duquette11
2013-10-02Bernhard Schildendorfer1

Disclosed Vulnerabilities (89):

Discl. DateOSVDB IDCVE IDCrediteesTitle
2013-10-02 98116 2013-5743 Bernhard Schildendorfer
Zabbix api_jsonrpc.php Multiple API Method SQL Injection
2013-10-02 98115 2013-5743 Lincoln
Zabbix Object Favoriting Unspecified SQL Injection
2011-04-30 72101 rick2600
MJM Core Player s3m File Handling Overflow
2011-04-30 72102 rick2600
MJM QuickPlayer s3m File Handling Overflow
2011-04-26 72063 Acidgen
MAGIX Music Maker mmm File Handling Overflow
2011-01-01 84553 corelanc0d3r
Microsoft Help & Support Center Path Subversion Arbitrary DLL Injection Code Execution
2010-12-31 79099 corelanc0d3r
Adobe Fireworks Path Subversion Arbitrary DLL Injection Code Execution
2010-12-04 97830 Lincoln
ActiveXperts ASmsCtrl.dll ActiveX Activate() Function Stack Buffer Overflow
2010-11-13 68648 Sud0
Foxit Reader Crafted PDF File Title Handling Overflow
2010-10-30 68965 chap0
XEROX 4595 Copier/Printer URL String Handling DoS
2010-10-25 97828 ekse
WebcamXP login.html Redir Parameter Reflected XSS
2010-10-15 68639 corelanc0d3r
FTPShell Client PWD Response Handling Overflow
2010-10-15 97826 myne-us
Access Enforcer Firewall login.php page Parameter Reflected XSS
2010-10-15 97825 myne-us
Access Enforcer Firewall Unspecified Cookie HttpOnly Flag Weakness
2010-10-14 68640 corelanc0d3r
LeapFTP LIST Response Filename Parsing Overflow
2010-10-14 68641 nullthreat
Gekko Manager FTP Server LIST Response Overflow
2010-10-12 68701 corelanc0d3r
Aasync LIST Command Response Filename Handling Overflow
2010-10-12 68703 fancy
32bit FTP Client LIST Command Response Filename Handling Overflow
2010-10-12 68714 corelanc0d3r
FTPPad Crafted LIST Command Server Response Remote Overflow
2010-10-12 94556 corelanc0d3r
Seagull FTP Client LIST Command Response File/Folder Name Handling Stack Buffer Overflow
2010-10-12 94555 nullthreat
FileWrangler LIST Command Handling Stack Buffer Overflow
2010-10-12 68824 rick2600
Odin Secure FTP Expert Server Crafted LIST Response Handling Overflow
2010-10-08 68514 p4r4noid
Nuance PDF Reader /Launch Field Overflow
2010-09-07 67909 Lincoln
Integard Administration Page Password Field Overflow
2010-08-10 67027 Sud0
SopCast WebPlayer sopocx.ocx ActiveX sop:// URL ChannelName Property Overflow
2010-07-16 66440 MarkotT
actiTIME User Account Creation CSRF
2010-07-13 66354 2010-2370 MarkotT
Oracle Fusion Middleware Business Process Management Component Unspecified Remote Issue (2010-2370)
2010-07-07 98391 chap0
Hero DVD Player URL Handling Overflow
2010-06-28 65844 MarkotT
MemDB Products HTTP Host Header Overflow
2010-06-28 81161 chap0
GSM SIM Utility SMS File Handling Overflow
2010-06-25 98388 TecR0c
FieldNotes Malformed Map (.dxf) Handling Stack Overflow
2010-06-12 65540 2010-2310 nullthreat
SolarWinds TFTP Server Write Request Handling DoS
2010-06-12 98387 chap0
CP3 Studio cp3 File Handling Stack Overflow DoS
2010-06-11 65482 2010-2311 Sud0
Power Tab Editor PTB File Handling Overflow
2010-06-11 65539 2010-2305 Lincoln
Symantec Sygate Personal Firewall SSHelper.dll ActiveX SetRegString Method Overflow
2010-06-07 65256 2010-2343 chap0
D.R. Software Audio Converter PLS File Handling Overflow
2010-05-31 98386 sinn3r
Xftp Filename Handling Buffer Overflow
2010-05-31 98385 TecR0c
ZipExplorer Malformed Data Handling Memory Corruption DoS
2010-05-30 98384 sinn3r
IP2Location IP2Location.dll ActiveX Initialize() Function Buffer Overflow
2010-05-25 98424 MarkotT
Easy Address Book Web Server users_admin.ghp Arbitrary Admin User Creation CSRF
2010-05-21 64845 2010-2115 nullthreat
SolarWinds TFTP Server Read Request Handling DoS
2010-05-19 64752 2010-1688 Lincoln
SyncBack Profile Import SPS File Handling Overflow
2010-05-19 64839 Lincoln
ANSMTP SMTP Component ANSMTP.dll / AOSMTP.dll ActiveX AddAttachments() Function Overflow
2010-05-17 64718 mr_me
Magtrb MyNews index.php id Parameter SQL Injection
2010-05-17 64719 mr_me
Magtrb MyNews admin.php act Parameter XSS
2010-05-17 64720 mr_me
Magtrb MyNews index.php act Parameter Traversal Local File Inclusion
2010-05-16 98423 Sud0
ShellZip ZIP Filename Handling Stack Overflow
2010-05-05 64362 sinn3r
Ziepod RSS Feed Description Field XSS
2010-05-04 98421 mr_me
Beyond Compare ZIP Filename Handling Buffer Overflow
2010-05-01 64266 Sébastien Duquette
NolaPro example.php file Parameter XSS
2010-05-01 64265 Sébastien Duquette
NolaPro sidemenu.php menutitle Parameter XSS
2010-05-01 64262 Sébastien Duquette
NolaPro checkfile.php Local File Information Disclosure
2010-05-01 64214 Sébastien Duquette
NolaPro nporderitemremote.php linenum Parameter XSS
2010-04-30 64213 2010-1686 Lincoln
ABC Backup ZIP File Handling Overflow
2010-04-27 98420 mr_me
Big Ant Messenger AntCore.dll ActiveX RegisterCom() Function Stack Overflow
2010-04-25 64984 mr_me
Easyzip 2000 ZIP Archive Filename Handling Overflow
2010-04-24 64079 2010-1685 TecR0c
ZipWrangler ZIP File Handling Overflow
2010-04-23 64078 p4r4noid
CommView cv2k1.sys 2578h IOCTL Handling Local DoS
2010-04-21 63971 2010-1597 rick2600
ZipGenius InfoTip Shell Extension zgtips.dll ZIP Archive Handling Overflow
2010-04-20 63930 TecR0c
SpeedCommander Crafted ZIP File Handling Overflow
2010-04-19 63899 2010-1458 TecR0c
TweakFS Zip Utility ZIP Filename Handling Overflow
2010-04-19 63931 2010-1033 mr_me
HP Operations Manager on Windows SourceView ActiveX (srcvw32.dll / srcvw4.dll) LoadFile() Method Remote Overflow
2010-04-15 63810 Lincoln
Archive Searcher ZIP Archive Handling Overflow
2010-04-15 63923 mr_me
RPM Select / Elite Configuration File lfFaceName Element Local Overflow
2010-04-08 63744 2010-1316 Lincoln
Tembria Server Monitor Crafted HTTP Request Remote DoS
2010-04-06 65041 mr_me
Jzip .zip Filename Handling Local Overflow
2010-04-03 63540 mr_me
Zip Unzip ZIP File Handling Overflow
2010-04-03 63544 Lincoln
ZipScan ZIP File Handling Overflow
2010-03-31 63414 TecR0c
Optimal Archive OlArchive.dll ALStatus::SetError() Function ZIP File Handling Overflow
2010-03-22 63125 corelanc0d3r
Zipper ZIP File Handling Overflow
2010-03-16 63026 rick2600
Windisc BNZ File Handling Overflow
2010-03-15 63087 mr_me
Liquid XML Studio LtXmlComHelp8.UnicodeFile.1 ActiveX (LtXmlComHelp8.dll) OpenFile Method Overflow
2010-03-07 62781 corelanc0d3r
QuickZip Crafted ZIP File Handling Remote Overflow
2010-02-26 62580 2010-0688 mr_me
Orbital Viewer ORB File Handling Overflow
2010-02-08 62212 MarkotT
Gefest Web Home Server Unspecified Traversal Arbitrary File Access
2010-02-04 62177 2010-0614 Sébastien Duquette
evalSMSI ajax.php query Parameter SQL Injection
2010-02-04 62178 2010-0615 Sébastien Duquette
evalSMSI assess.php Comment Write XSS
2010-02-04 62180 2010-0616 Sébastien Duquette
evalSMSI Database Cleartext Password Disclosure
2010-02-04 64486 Sébastien Duquette
evalsmsi Plaintext Password Storage Weakness
2010-02-04 64897 sinn3r
Ipswitch IMail Registry Ownership Weakness
2010-02-04 64487 Sébastien Duquette
evalsmsi ajax.php Authentication Bypass
2010-02-04 64489 Sébastien Duquette
evalsmsi Report Comment Field XSS
2010-02-04 64898 sinn3r
Ipswitch IMail IMailsec.dll Password Decryption Algorithm Weakness
2010-01-27 61990 2010-0496 mr_me
Serversman Crafted HTTP Request Remote DoS
2010-01-19 64368 rick2600
S.O.M.P.L. Player M3U Playlist File Handling Overflow
2010-01-12 61671 corelanc0d3r
TurboFTP Server FTP Command DELE Parameter Remote Overflow DoS
2010-01-09 64398 Sébastien Duquette
Audiotran PLS File Handling Stack Buffer Overflow
2009-11-23 98408 rick2600
Magic Music Player M3U File Handling Buffer Overflow
2009-09-12 62599 2009-5141 corelanc0d3r
War FTP Daemon Multiple Command Format String DoS

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2014 Open Sourced Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use