TippingPoint Digital Vaccine Laboratories
DID YOU KNOW... In December of 2007, Microsoft released seven security bulletins which fixed 11 new security vulnerabilities. TippingPoint and ZDI were credited with discovering a total of four of those vulnerabilities.

Logan Brown

Logan Brown's Image

Security Researcher (ZDI)


Logan Brown is a researcher within TippingPoint's security research group. Day to day he works on verifying vulnerabilities received through the Zero Day Initiative, writing fuzzers and developing tools to assist in vulnerabilty discovery.

Logan is currently a Computer Science student at the University of Texas in Austin and expects to graduate in 2010. Random fact about Logan: prior to joining TippingPoint, he had a stint as a producer / actor alongside Gary Busey in Hallettsville.
Published Advisories:
  • TPTI-11-14: Adobe Shockwave DEMX Remote Code Execution Vulnerability
  • TPTI-11-08: Adobe Shockwave iml32.dll DEMX Chunk GIF Parsing Remote Code Execution Vulnerability
  • TPTI-11-09: Adobe Shockwave iml32.dll CSWV Chunk Byte Array Parsing Remote Code Execution Vulnerability
  • TPTI-11-10: Adobe Shockwave dirapi.dll rcsL Chunk Parsing Remote Code Execution Vulnerability
  • TPTI-11-11: Adobe Shockwave Lnam Chunk Parsing Remote Code Execution Vulnerability
  • TPTI-11-07: Adobe Shockwave iml32.dll CSWV Chunk Parsing Remote Code Execution Vulnerability
  • TPTI-11-01: Adobe Shockwave dirapi.dll IFWV Trusted Offset Remote Code Execution Vulnerability
  • TPTI-11-05: Adobe Shockwave PFR1 Font Chunk Parsing Remote Code Execution Vulnerability
  • TPTI-11-02: Adobe Shockwave TextXtra Invalid Seek Remote Code Execution Vulnerability
  • TPTI-11-03: Adobe Shockwave Font Xtra String Decoding Remote Code Execution Vulnerability
  • TPTI-10-17: RealNetworks RealPlayer SIPR Stream Frame Dimensions Remote Code Execution Vulnerability
  • TPTI-10-19: RealNetworks RealPlayer MLTI Stream Number Remote Code Execution Vulnerability
  • TPTI-10-18: RealNetworks RealPlayer MDPR Chunk Size Remote Code Execution Vulnerability
  • TPTI-10-16: VMWare VMnc Codec Frame Decompression Remote Code Execution Vulnerability
  • TPTI-10-13: Adobe Shockwave Director tSAC Chunk Remote Code Execution Vulnerability
  • TPTI-10-14: Adobe Shockwave Director rcsL Chunk Pointer Offset Remote Code Execution Vulnerability
  • TPTI-10-15: Adobe Shockwave Director mmap Trusted Chunk Size Remote Code Execution Vulnerability
  • TPTI-10-10: Adobe Shockwave tSAC Chunk Invalid Seek Memory Corruption Remote Code Execution Vulnerability
  • TPTI-10-11: Adobe Shockwave tSAC Chunk Pointer Offset Memory Corruption Remote Code Execution Vulnerability
  • TPTI-10-09: Adobe Shockwave CSWV Chunk Memory Corruption Remote Code Execution Vulnerability
  • TPTI-10-12: Adobe Shockwave TextXtra Allocator Integer Overflow Remote Code Execution Vulnerability
    • Upcoming Advisories:
  • Adobe (399 days since report)
    • Appearances:
  • Black Box Auditing Adobe Shockwave
    2011-11-08 PacSec
  • Black Box Auditing Adobe Shockwave
    2011-04-08 Hackito Ergo Sum
  • Concentrated Fire: Black Box Auditing Adobe Shockwave
    2011-03-09 CanSecWest
  • Pwn2Own 2011
    2011-03-09 CanSecWest
  • Pwn2Own 2010
    2010-03-24 CanSecWest