Nov. 15, 2023, 1 p.m. | DAY[0]


We've got a few Windows bugs this week, but first a fun off-by-one null-byte write. Then we jump into a containerized registry escape, a browser escape with a very simple bug buried deep in the browser, and a kernel bug.

Links and vulnerability summaries for this episode are available at:

[00:00:00] Introduction
[00:00:20] Spot the Vuln - Minimax
[00:05:00] Weston Embedded uC-HTTP HTTP Server Host header parsing memory corruption vulnerability
[00:14:49] Windows Kernel containerized registry escape through integer overflows …

binary binary exploitation browser bug bugs bundle escape exploitation fun introduction kernel kernel bug podcast registry simple vuln week windows

Security Specialist

@ Protect Democracy | Remote, US

Environmental Compliance Lead

@ EDF Energy | Bristol, GB

IT Consultant Network w/m/d Wireless (WiFi6, Mobilfunk 5G)

@ Computacenter | Berlin, DE, 12099

Senior - Cyber Infrastructure Protection

@ Deloitte | Madrid, España

GRC (Governance, Risk & Compliance) | 4 to 6 Years | Mumbai, Bengaluru & Chennai

@ Capgemini | Bengaluru, MH, IN

Technology Risk & Controls Advisory - Experienced Consultant

@ Wavestone | London, United Kingdom