Oral Presentations (and schedule)
Completion requirements
Rules of the game
- This work should be done by group of 2
- You have to choose between
- either explaining a (recent enough) exploited vulnerability
- or presenting a (part of) a research paper
- The presentations will take place in January, within a 20 minutes time slot (about 15 mn presentation and 5 mn questions)
Vulnerability analysis
| Student Names | Vulnerability | Schedule |
| Marc Sanchez and Théophane Paradis | CVE-2023-32784 (KeePass) | |
| GREGOIRE Thomas & LEVASSEUR Bastien | CVE-2024-47176 (CUPS) |
07/01 - 9h15 |
| Ricard Tuzzolino & Victor Hervet | CVE-2022-37454 (SHA3) |
07/01 - 9h45 |
|
Abdelmajid Ait Ouakrim & Marouane Akassab |
CVE-2024-23897 (Jenkins Arbitrary File read leading to RCE) | 07/01 - 10h05 |
Sara BENOMAR and Anas DRIOUACH
|
CVE-2024-32002 (Git) |
07/01 - 10h25 |
| Marouane Ettahery & Galaad Subileau |
CVE-2024-3094 (XZ Backdoor) |
07/01 - 10h55 |
| Hamza Bouihi & Bilal Akliai |
CVE-2019-11932 (Android GIF library) |
10/01 - 8h15 |
| Loïc Gestin & Tristan Saminadayar & Florian Graule |
TBA |
10/01 - 8h35 |
| Georges Fadel & Saed Dahani |
TBA |
10/01 - 8h55 |
| Sirine Mechmech and Khader Massis | CVE-2022-42889 (Apache Commons Text library) |
10/01 - 9h15 |
|
SALMAN EL YOUSSOUFI, OUAZIZI AYOUB
|
CVE-2024-38063 (Windows IPv6 TCP/IP RCE) | 10/01 - 9h45 |
|
Mounsef BOUHAR, Bowen NING, Mahdi Sallouh
|
TBA |
10/01 - 10h05 |
|
Nizzar AZZOUZI & Ayoub BALADI
|
CVE-2019-18634 (sudo BoF) |
10/01 - 10h25 |
|
Coentin Heuzé
|
CVE-2023-4863 (code injection) |
10/01 - 10h50 |
Research paper presentation
| Student Names | Research paper | Schedule |
| Sacha Tournès-Savry and Anika Sauer | "Yes, One-Bit-Flip Matters! Universal DNN Model Inference Depletion with Runtime Code Fault Injection" - Usenix 24 | |
| Camilo Nunez and Dan Johann Sulaiman | iHunter: Hunting Privacy Violations at Scale in the Software Supply Chain on iOS - Usenix 24 |
Last modified: Tuesday, 7 January 2025, 6:03 PM