Description
The assignment will focus on researching a popular product and describing what could be considered an impactful CVE of that product.
The presentation should take at most 15 minutes and have the following content:
- The product: what it is, what it does, use cases where it is present
- The security record of it: how many vulnerabilities in recent years, types of vulnerabilities, reputation.
- The most relevant CVE: what was the vulnerability, how it was reported, how it was fixed and how long it took, known exploitation and overall impact.
Students should form groups of 4, and each group must address a unique software product and CVE.
List of Available CVEs:
CVE ID | Vulnerability Name/Description | Year |
---|---|---|
CVE-2005-1983 | Microsoft Plug and Play Service Overflow | 2005 |
CVE-2006-3439 | Microsoft Server Service NetpwPathCanonicalize Overflow | 2006 |
CVE-2007-1036 | Symantec multiple products ‘SymTDI.sys’ driver local privilege escalation | 2007 |
CVE-2008-4250 | Microsoft Server Service Relative Path Stack Corruption (Conficker) | 2008 |
CVE-2009-0658 | Adobe Reader and Acrobat Collab ‘getIcon()’ JavaScript method remote code execution | 2009 |
CVE-2010-2568 | Microsoft Windows Shell LNK Code Execution (Stuxnet) | 2010 |
CVE-2010-1240 | Adobe PDF Embedded EXE Social Engineering | 2010 |
CVE-2010-0188 | Adobe Reader and Acrobat ‘newplayer()’ use-after-free | 2010 |
CVE-2010-3333 | Microsoft RTF File Format Stack Buffer Overflow | 2010 |
CVE-2010-4398 | RealPlayer ‘C:’ Remote Code Execution | 2010 |
CVE-2011-3402 | Microsoft Windows TrueType Font Parsing | 2011 |
CVE-2012-0158 | Microsoft Office MSCOMCTL.OCX RCE | 2012 |
CVE-2013-0640 | Adobe Reader and Acrobat ‘newplayer()’ Use-After-Free | 2013 |
CVE-2013-3906 | Microsoft Graphics Component TIFF Integer Overflow | 2013 |
CVE-2014-0160 | OpenSSL TLS DTLS Heartbeat Information Disclosure (Heartbleed) | 2014 |
CVE-2014-6271 | GNU Bash Environment Variable Command Injection (Shellshock) | 2014 |
CVE-2014-3566 | SSLv3 POODLE Vulnerability | 2014 |
CVE-2014-4114 | Microsoft Windows OLE Package Manager RCE (Sandworm) | 2014 |
CVE-2015-0311 | Adobe Flash Player use-after-free | 2015 |
CVE-2015-1635 | Microsoft HTTP.sys Remote Code Execution (MS15-034) | 2015 |
CVE-2016-5195 | Linux Kernel Race Condition Privilege Escalation (Dirty COW) | 2016 |
CVE-2016-0189 | Microsoft Internet Explorer and JScript/VBScript Engines Memory Corruption | 2016 |
CVE-2017-0144 | Microsoft Server Message Block 1.0 (SMBv1) RCE (EternalBlue) | 2017 |
CVE-2017-5638 | Apache Struts 2 Jakarta Multipart Parser RCE | 2017 |
CVE-2017-5715 | Spectre Variant 2 | 2017 |
CVE-2017-5753 | Spectre Variant 1 | 2017 |
CVE-2017-5754 | Meltdown | 2017 |
CVE-2017-13080 | WPA2 Key Reinstallation Attack (KRACK) | 2017 |
CVE-2018-0802 | Microsoft Office Equation Editor RCE | 2018 |
CVE-2018-7600 | Drupal Core Remote Code Execution (Drupalgeddon 2) | 2018 |
CVE-2019-0708 | Microsoft Remote Desktop Services RCE (BlueKeep) | 2019 |
CVE-2019-19781 | Citrix Application Delivery Controller and Gateway Directory Traversal | 2019 |
CVE-2019-11510 | Pulse Connect Secure Arbitrary File Reading | 2019 |
CVE-2020-1472 | Netlogon Elevation of Privilege Vulnerability (Zerologon) | 2020 |
CVE-2020-0796 | Microsoft Server Message Block 3.1.1 (SMBv3) RCE (SMBGhost) | 2020 |
CVE-2021-26855 | Microsoft Exchange Server SSRF (ProxyLogon) | 2021 |
CVE-2021-27065 | Microsoft Exchange Server Post-Authentication Arbitrary File Write (part of ProxyLogon) | 2021 |
CVE-2021-34473 | Microsoft Exchange Server Pre-auth RCE (ProxyShell) | 2021 |
CVE-2021-44228 | Apache Log4j Remote Code Execution (Log4Shell) | 2021 |
CVE-2022-22965 | Spring Framework RCE via Data Binding on JDK 9+ (Spring4Shell) | 2022 |
CVE-2022-30190 | Microsoft Windows Support Diagnostic Tool (MSDT) RCE (Follina) | 2022 |
CVE-2022-1388 | F5 BIG-IP iControl REST Authentication Bypass | 2022 |
CVE-2023-34362 | MOVEit Transfer SQL Injection | 2023 |
CVE-2023-4966 | Citrix NetScaler ADC and Gateway Information Disclosure (Citrix Bleed) | 2023 |
CVE-2023-23397 | Microsoft Outlook Elevation of Privilege Vulnerability | 2023 |
CVE-2024-21410 | Microsoft Exchange Server Privilege Escalation | 2024 |
CVE-2024-3094 | XZ Utils Malicious Code Injection | 2024 |
CVE-2025-0297 | Palo Alto Networks PAN-OS OS Command Injection | 2025 |
CVE-2025-27981 | Ivanti Connect Secure and Policy Secure SSTI | 2025 |
CVE-2025-31210 | Atlassian Confluence Data Center and Server RCE | 2025 |
Delivery and Grading
- Each CVE must be presented by a unique group of students.
- Reserve a CVE using the Discord channel by posting a message with the group members, software and CVE to be addressed.
- Submit the presentation through E-learning
- Present the slides in class
A presentation should provide the information requested, in a visually adequate manner, allowing other students to understand the role of the product, how the vulnerability presented itself, its impact and exploitation, and how the vendor handled the process. Proof-of-concept demonstrations are very welcome.
Relevant Links
- CVE Sandbox: https://github.com/afonsovitorio/cve_sandbox
- CVE Details: https://www.cvedetails.com
- NVD - National Vulnerability Database: https://nvd.nist.gov
- MITRE CVE: https://cve.mitre.org
- Exploit Database: https://www.exploit-db.com
- OWASP Vulnerability Database: https://owasp.org/www-project-vulnerability-database/
- Vulners: https://vulners.com
- VulnHub: https://vulnhub.com
- SecurityFocus: https://www.securityfocus.com
- Packet Storm: https://packetstormsecurity.com
- Rapid7 Vulnerability Database: https://www.rapid7.com/db/vulnerabilities
- Threatpost: https://threatpost.com
- Hacker News: https://thehackernews.com
- Reddit NetSec: https://www.reddit.com/r/netsec
- Reddit CyberSecurity: https://www.reddit.com/r/cybersecurity
- Reddit InfoSec: https://www.reddit.com/r/InfoSec