Lucene search
K

1249 matches found

Prion
Prion
added 2017/07/05 8:29 p.m.20 views

Design/Logic Flaw

XnView Classic for Windows Version 2.40 allows attackers to execute arbitrary code or cause a denial of service via a crafted .rle file, related to a "Read Access Violation on Control Flow starting at COMCTL32!CToolTipsMgr::sToolTipsWndProc+0x0000000000000032."...

4.6CVSS7.9AI score0.00364EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2017/07/05 8:29 p.m.12 views

Design/Logic Flaw

IrfanView version 4.44 32bit with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Control Flow starting at FPX!FPXGetScanDevicePropertyGroup+0x000000000000c99a."...

6.8CVSS8AI score0.0133EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2017/07/05 7:0 p.m.20 views

CVE-2017-9873

IrfanView version 4.44 32bit with FPX Plugin 4.46 allows attackers to execute arbitrary code or cause a denial of service via a crafted .fpx file, related to a "Read Access Violation on Control Flow starting at FPX!GetPlugInInfo+0x0000000000012bf2."...

8.2AI score0.0133EPSS
Exploits0References2
Qualys Blog
Qualys Blog
added 2017/06/13 5:45 p.m.23 views

Dynamic Questionnaire: Accelerate Quick and Efficient Responses with Question Gating

As you roll out Security Assessment Questionnaire to your vendors and internal stakeholders, it is necessary to avoid lengthy questionnaires containing many sections with questions that are not relevant to their area of work. It is important that respondents don’t get overwhelmed and spend a lot ...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2017/05/12 12:0 a.m.123 views

EnCase Forensic Imager 7.10 Buffer Overflow

A blog post with additional information is available here: http://blog.sec-consult.com/2017/05/chainsaw-of-custody-manipulating.html We have also released a video showing arbitrary code execution: https://www.youtube.com/watch?v=1EngNIXSNQw SEC Consult Vulnerability Lab Security Advisory...

0.5AI score
Exploits0
myhack58
myhack58
added 2017/05/08 12:0 a.m.73 views

MS16-145: Edge browser the TypedArray. sort UAF vulnerability analysis-vulnerability warning-the black bar safety net

In this article, we will provide the reader detailed analysis of how to use the MS Edge browser in the UAF vulnerability to remote code execution. This article will provide readers in-depth analysis of the impact of MS Edge CVE-2016-7288 UAF vulnerability root causes, and how to reliably trigger...

7.6CVSS0.70354EPSS
Exploits2
n0where
n0where
added 2017/05/02 4:33 a.m.37 views

x86 to LLVM Bitcode Translation Framework: McSema

x86 to LLVM Bitcode Translation Framework McSema lifts x86 and amd64 binaries to LLVM bitcode modules. McSema support both Linux and Windows binaries, and most x86 and amd64 instructions, including integer, FPU, and SSE operations. McSema is separated into two conceptual parts: control flow...

0.1AI score
Exploits0References6
ThreatPost
ThreatPost
added 2017/04/27 10:2 a.m.15 views

New COOP Attack Method Highlights Weaknesses In Microsoft's CFG Defenses

Researchers at Endgame have been evaluating an exploitation technique called Counterfeit Object-Oriented Programming COOP to bypass Control Flow Integrity CFI implementations such as that used by Microsoft to harden the defenses of Windows 10. Microsoft added its mitigation, called Control Flow...

0.9AI score
Exploits0References3
OSV
OSV
added 2017/02/13 9:59 p.m.4 views

CVE-2016-8354

An issue was discovered in Schneider Electric Unity PRO prior to V11.1. Unity projects can be compiled as x86 instructions and loaded onto the PLC Simulator delivered with Unity PRO. These x86 instructions are subsequently executed directly by the simulator. A specially crafted patched Unity...

7CVSS5.9AI score0.01103EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2017/02/13 9:59 p.m.6 views

CVE-2016-8354

An issue was discovered in Schneider Electric Unity PRO prior to V11.1. Unity projects can be compiled as x86 instructions and loaded onto the PLC Simulator delivered with Unity PRO. These x86 instructions are subsequently executed directly by the simulator. A specially crafted patched Unity...

7CVSS5.7AI score0.01103EPSS
Exploits0References3
Cvelist
Cvelist
added 2017/02/13 9:0 p.m.28 views

CVE-2016-8354

An issue was discovered in Schneider Electric Unity PRO prior to V11.1. Unity projects can be compiled as x86 instructions and loaded onto the PLC Simulator delivered with Unity PRO. These x86 instructions are subsequently executed directly by the simulator. A specially crafted patched Unity...

7AI score0.01103EPSS
Exploits0References2
CVE
CVE
added 2017/02/13 9:0 p.m.59 views

CVE-2016-8354

CVE-2016-8354 affects Schneider Electric Unity PRO (before v11.1). Unity projects can be compiled to x86 instructions and loaded into the Unity PRO PLC Simulator; a specially crafted patched project can redirect control flow and cause the simulator to execute malicious code. Public vulnerability ...

7CVSS6.9AI score0.01103EPSS
Exploits0References2Affected Software1
0day.today
0day.today
added 2017/02/01 12:0 a.m.32 views

Google Android - cfp_ropp_new_key_reenc and cfp_ropp_new_key RKP Memory Corruption Exploit

Exploit for Android platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=979 As part of Samsung KNOX, Samsung phones include a security hypervisor called RKP Real-time Kernel Protection, running in EL2. This hypervisor is meant to ensure that the HLOS...

7AI score
Exploits0
exploitpack
exploitpack
added 2017/02/01 12:0 a.m.29 views

Google Android - cfp_ropp_new_key_reenc cfp_ropp_new_key RKP Memory Corruption

Google Android - cfproppnewkeyreenc cfproppnewkey RKP Memory Corruption Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=979 As part of Samsung KNOX, Samsung phones include a security hypervisor called RKP Real-time Kernel Protection, running in EL2. This hypervisor is meant to...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2017/02/01 12:0 a.m.57 views

Google Android - 'cfp_ropp_new_key_reenc' / 'cfp_ropp_new_key' RKP Memory Corruption

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=979 As part of Samsung KNOX, Samsung phones include a security hypervisor called RKP Real-time Kernel Protection, running in EL2. This hypervisor is meant to ensure that the HLOS kernel running in EL1 remains protected from exploit...

7.4AI score
Exploits0
myhack58
myhack58
added 2016/12/27 12:0 a.m.58 views

Based on the Chakra JIT-CFG to bypass the technology-vulnerability warning-the black bar safety net

In this article, we will to introduce the reader in to attack Internet Explorer and the Edge browser can be used to bypass Microsoft's control flow protection of the CFG of the method. Our previous proof-of-concept nature of the exploit code is covered by the object's function pointers to achieve...

7AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2016/12/14 6:55 p.m.454 views

Twin zero-day attacks: PROMETHIUM and NEODYMIUM target individuals in Europe

Targeted attacks are typically carried out against individuals to obtain intellectual property and other valuable data from target organizations. These individuals are either directly in possession of the targeted information or are able to connect to networks where the information resides...

10CVSS1AI score0.94354EPSS
Exploits6
ThreatPost
ThreatPost
added 2016/11/07 1:50 p.m.59 views

Microsoft Tears off the Band-Aid with EMET

Microsoft last week extended the end-of-life expiration date to July 2018 on its exploit mitigation add-on, the Enhanced Mitigation Experience Toolkit EMET. But for some time, the once-useful tool has been well on its way out to pasture. While EMET was never meant to be anything more than stopgap...

9.3CVSS0.9AI score0.99945EPSS
Exploits33References4
n0where
n0where
added 2016/11/03 4:6 a.m.75 views

Binary Analysis Platform: angr

Binary Analysis Platform angr is a platform-agnostic binary analysis framework developed by the Computer Security Lab at UC Santa Barbara and their associated CTF team, Shellphish. angr is a suite of python libraries that let you load a binary and do a lot of cool things to it: Disassembly and...

7.2AI score
Exploits0References10
Google Chrome Security Advisories
Google Chrome Security Advisories
added 2016/09/29 12:0 a.m.38 views

Stable Channel Update for Desktop

The stable channel has been updated to 53.0.2785.143 for Windows, Mac, and Linux. This will roll out over the coming days/weeks. Security Fixes and Rewards Many of our security bugs are detected using AddressSanitizer, MemorySanitizer, Control Flow Integrity or LibFuzzer. Note: Access to bug...

9.8CVSS8.6AI score0.01836EPSS
Exploits0Affected Software1
Rows per page
Query Builder