Johanna Amann

3 exploits Active since Jan 2018
CVE-2020-0601 NOMISEC HIGH WORKING POC
Windows 10 and Windows Server - Certificate Spoofing via ECC Certificate Validation
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
5 stars
CVSS 8.1
CVE-2020-0601 NOMISEC HIGH WORKING POC
Windows 10 and Windows Server - Certificate Spoofing via ECC Certificate Validation
A spoofing vulnerability exists in the way Windows CryptoAPI (Crypt32.dll) validates Elliptic Curve Cryptography (ECC) certificates.An attacker could exploit the vulnerability by using a spoofed code-signing certificate to sign a malicious executable, making it appear the file was from a trusted, legitimate source, aka 'Windows CryptoAPI Spoofing Vulnerability'.
CVSS 8.1
CVE-2017-1000458 WRITEUP CRITICAL WRITEUP
Bro - Out-of-bounds Write in ContentLine Analyzer
Bro before Bro v2.5.2 is vulnerable to an out of bounds write in the ContentLine analyzer allowing remote attackers to cause a denial of service (crash) and possibly other exploitation.
CVSS 9.8