Threat Analysis: Carbon Black Threat Research Dissects PNG Dropper

UPDATE 8/14/17: After posting the original analysis, the Carbon Black Threat Research team received numerous requests for the tools to extract the second stage payload from the initial PNGdropper file. As a result, the source code and compiled binaries are being made public and are posted to the...

Amazon Linux AMI : graphite2 (ALAS-2017-872)

Vulnerabilities in the Graphite 2 library MFSA 2017-16 A heap-based buffer overflow flaw related to 'lz4::decompress' has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arbitrary code. CVE-2017-7778 Heap-buffer-overflow write...

RedHat Update for glibc RHSA-2017:1916-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary

A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable PIE, the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory...

Moderate: Red Hat Security Advisory: glibc security, bug fix, and enhancement update

An update for glibc is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

WSSAT - Web Service Security Assessment Tool

WSSAT is an open source web service security scanning tool which provides a dynamic environment to add, update or delete vulnerabilities by just editing its configuration files. This tool accepts WSDL address list as input file and for each service, it performs both static and dynamic tests again...

Exploit for CVE-2017-8570

Introduction By Temesgen Yibeltal [email protected] Bas...

IdeaCMS microstore config_loader.asp has SQL injection vulnerability

IdeaCMS Micro Mall Management System is a PC+Mobile+WeChat integrated mall system developed by Sampi Network Technology Co. A SQL injection vulnerability exists in IdeaCMS Micro Mall configloader.asp. An attacker can exploit this vulnerability to obtain sensitive information from the database...

InsomniaX 2.1.8 Arbitrary Kernel Extension Loading Vulnerability

It was found that the loader application bundled with InsomniaX can be used to load arbitrary Kernel Extensions kext. The loader is normally used to load a kext file that is needed to disable the Lid Sleep. A flaw has been found in the loader that allows a local attacker to load or unload any...

WordPress Advanced AJAX Page Loader plugin <= 2.7.4 - Arbitrary File Upload Vulnerability

WordPress Advanced AJAX Page Loader plugin = 2.7.4 is prone to An Arbitrary File Upload Vulnerability. The vulnerability allows an attacker to upload an arbitrary file. When you access /wp-admin/admin-post.php page, the function adminmenuAAPL is caused to run. This function calls...

InsomniaX 2.1.8 Arbitrary Kernel Extension Loading

------------------------------------------------------------------------ InsomniaX loader allows loading of arbitrary Kernel Extensions ------------------------------------------------------------------------ Yorick Koster, April 2017...

graphite2: use of uninitialized memory "graphite2::GlyphCache::Loader::read_glyph"

The use of uninitialized memory related to "graphite2::GlyphCache::Loader::readglyph" has been reported in graphite2. An attacker could possibly exploit this flaw to negatively impact the execution of an application using graphite2 in unknown ways...

VulnCheck KEV: CVE-2003-0127

The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel...

Vulnerability in the Android operating system’s loader, allowing a hacker to gain access to resources

The vulnerability in the Android operating system’s loader is related to incorrect initialization of resources. Exploiting this vulnerability can allow a remote attacker to gain access to these resources...

CVE-2017-7777

Use of uninitialized memory in Graphite2 library in Firefox before 54 in graphite2::GlyphCache::Loader::readglyph function...

UBUNTU-CVE-2017-7777

Use of uninitialized memory in Graphite2 library in Firefox before 54 in graphite2::GlyphCache::Loader::readglyph function...

The vulnerability of the Android operating system, allowing a hacker to execute arbitrary code

The vulnerability of the initial loader of the HTC Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to execute arbitrary code within the loader context, thereby executing a local malware application remotely. This issue ...

RW-4040 driver installer may insecurely load Dynamic Link Libraries

Overview RW-4040 driver installer for IC Card Reader/Writer devices provided by Sharp Corporation contains an issue with the DLL search path, which may lead to insecurely load Dynamic Link Libraries CWE-427. Yuji Tounai of NTT Communications Corporation and BlackWingCat of PinkFlyingWhale reporte...

The vulnerability of the initial loader of Qualcomm’s Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the initial loader of the Qualcomm Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the initial loader of Qualcomm’s Android operating system allows a hacker to execute arbitrary code.

The vulnerability of the initial loader of the Qualcomm Android operating system is related to deficiencies in access control. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...