BlackBerry’s BadAlloc, Glibc’s NULL, Backtick Command Injection, & ProxyLogon Details – ASW #163

This week Mike & John discuss: BlackBerry addresses BadAlloc bugs, glibc fixes a fix, more snprintf misuse that leads to command injection, ProxyLogon technical details, & more in the AppSec News!

John Kinsella

John Kinsella - Co-founder & CTO at Cysense


John Kinsella is the Chief Architect for Accurics

Mike Shema

Mike Shema - Product Security Lead at Square


Mike Shema is the Product Security Lead of Square

