CVE-2024-58278

perl2exe = V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts. Attackers can control the 0th argument of packed executables to execute another executable, allowing them to bypass restrictions and gain unauthorized acce...

EUVD-2025-201268

perl2exe = V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts. Attackers can control the 0th argument of packed executables to execute another executable, allowing them to bypass restrictions and gain unauthorized acce...

CVE-2024-58278

perl2exe = V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts. Attackers can control the 0th argument of packed executables to execute another executable, allowing them to bypass restrictions and gain unauthorized acce...

CVE-2024-58278 IndigoSTAR Software - perl2exe <= V30.10C - Arbitrary Code Execution

perl2exe = V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts. Attackers can control the 0th argument of packed executables to execute another executable, allowing them to bypass restrictions and gain unauthorized acce...

CVE-2024-58278

IndigoSTAR Perl2exe

CVE-2024-58278 IndigoSTAR Software - perl2exe <= V30.10C - Arbitrary Code Execution

perl2exe = V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts. Attackers can control the 0th argument of packed executables to execute another executable, allowing them to bypass restrictions and gain unauthorized acce...

PT-2025-49134

perl2exe = V30.10C contains an arbitrary code execution vulnerability that allows local authenticated attackers to execute malicious scripts. Attackers can control the 0th argument of packed executables to execute another executable, allowing them to bypass restrictions and gain unauthorized acce...

Targeted Malware Reverse Engineering Workshop follow-up. Part 2

If you have read our previous blogpost "Targeted Malware Reverse Engineering Workshop follow-up. Part 1", you probably know about the webinar we conducted on April 8, 2021, with Kaspersky GReATs Ivan Kwiatkowski and Denis Legezo, to share best practices in reverse engineering and demonstrate...

ALPINE-CVE-2019-1789

ClamAV versions prior to 0.101.2 are susceptible to a denial of service DoS vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking...

Manalyze - A static analyzer for PE executables

Manalyzer is a free service which performs static analysis on PE executables to detect undesirable behavior. A static analyzer for PE files Manalyze was written in C++ for Windows and Linux and is released under the terms of the GPLv3 license . It is a robust parser for PE files with a flexible...

Symantec Antivirus Engine ASPack Remote Memory Corruption (CVE-2016-2208)

A Memory Corruption vulnerability exist in the Symantec Antivirus Engine in ASPack early version. This vulnerability is due to incorrect parsing of executables packed by ASPack early version...

PE Executables Static Analyzer: Manalyze

PE Executables Static Analyzer Manalyze performs static analysis on PE files, in order to detect signs of malicious behavior. It is a versatile tool with a robust parser and a set of built-in tests, but can also be extended easily.Manalyze was written in C++ for Windows and Linux and is released...

Comodo AntiVirus - Forwards Emulated API Calls to the Real API During Scans

Comodo AntiVirus - Forwards Emulated API Calls to the Real API During Scans Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=769 Comodo Antivirus includes a x86 emulator that is used to unpack and monitor obfuscated executables, this is common practice among antivirus products. T...

Avast! - Out-of-Bounds Write Decrypting PEncrypt Packed executables

Avast! - Out-of-Bounds Write Decrypting PEncrypt Packed executables Source: https://code.google.com/p/google-security-research/issues/detail?id=554 The attached PEncrypt packed executable causes an OOB write on Avast Server Edition. gdb bt 0 0xf6f5e64a in EmulatePolyCodePOLYINFO, int from...

Kaspersky AntiVirus - ExeCryptor Parsing Memory Corruption

Kaspersky AntiVirus - ExeCryptor Parsing Memory Corruption Source: https://code.google.com/p/google-security-research/issues/detail?id=525 Fuzzing packed executables found the attached crash, it might be usable as an information leak as part of another bug, so filing as a low-risk bug. If I had t...

Symantec Mail Security for SMTP buffer overflow

Buffer overflow on packed executables parsing...

Clam AntiVirus contains a buffer overflow vulnerability

Overview A buffer overflow in Clam AntiVirus ClamAV may allow a remote attacker to execute arbitrary code. Description Clam AntiVirus is a UNIX-based, anti-virus toolkit often deployed with mail servers to detect malicious attachments. A signedness error in ClamAV libclamav/upx.c may allow a buff...