Two Memory Corruption Vulnerabilities Exist in Antenna Defense

Anthem Defense is Anthem's antivirus program. Antenna Defense 7 Antivirus has two different memory corruption vulnerabilities when dealing with specific PE files, which allow attackers to exploit the vulnerabilities to construct malformed PE files that cause Antenna Defense 7 to crash due to memo...

Symantec Norton Security IDSvix86 PE Remote System Denial of Service Vulnerability

SUMMARY A denial of service vulnerability exists in the Portable Executable file scanning functionality of Symantec Norton Security. A specially crafted PE file can cause an access violation in IDSvix86 kernel driver resulting in denial of service. An attacker can trigger this vulnerability for...

Symantec Anti-virus Engine Denial of Service Vulnerability

Symantec Anti-virus Engine AVE is a network service from Symantec, Inc. that provides virus scanning and virus remediation for application data traveling over a network. A security vulnerability exists in Symantec AVE version 20151.1.0.32. The vulnerability can be exploited by an attacker to caus...

Antenna Defense Memory Corruption Vulnerability

Anthem Defense is Anthem's antivirus program. Antenna Defense 7 Antivirus has a memory corruption vulnerability when dealing with PE files, which allows attackers to exploit the vulnerability to construct malformed PE files that can cause Antenna Defense 7 to crash due to memory corruption while...

Memory Corruption Vulnerability in Dr. An Antivirus

Dr. An antivirus is a security product. Dr. An Antivirus has a memory corruption vulnerability when dealing with PE files, which allows attackers to exploit the vulnerability to construct malformed PE files, allowing Dr. An to terminate the scan due to memory corruption during scanning or cause a...

ROPInjector - Convert any Shellcode in ROP and patch it into a given Portable Executable (PE)

A tool written in C Win32 to convert any shellcode in ROP and patch it into a given portable executable PE. It supports only 32-bit target PEs and the x86 instruction set. Published in Blackhat USA 2015, "ROPInjector: Using Return Oriented Programming for Polymorphism and Antivirus Evasion" More...

Avast Memory Corruption Vulnerability

Avast is a suite of antivirus software from the Czech company Avast Avast. A security vulnerability exists in Avast that can be exploited by remote attackers to cause a denial of service memory corruption or execute arbitrary code with the help of a specially crafted PE file...

binutils: out-of-bounds write when parsing specially crafted PE executable

A stack-based buffer overflow flaw was found in the way various binutils utilities processed certain files. If a user were tricked into processing a specially crafted file, it could cause the utility used to process that file to crash or, potentially, execute arbitrary code with the privileges of...

PEframe - Tool to perform static analysis on Portable Executable malware

PEframe is a open source tool to perform static analysis on Portable Executable malware. Usage $ peframe malware.exe $ peframe --option malware.exe Options --json Output in json --import Imported function and dll --export Exported function and dll --dir-import Import directory --dir-export Export...

DEBIAN-CVE-2014-8502

Heap-based buffer overflow in the peprintedata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a truncated export table in a PE file...

DEBIAN-CVE-2014-8501

The bfdXXiswapaouthdrin function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service out-of-bounds write and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable...

UBUNTU-CVE-2014-8502

Heap-based buffer overflow in the peprintedata function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly have other unspecified impact via a truncated export table in a PE file...

UBUNTU-CVE-2014-8501

The bfdXXiswapaouthdrin function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service out-of-bounds write and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable...

UBUNTU-CVE-2014-9050

Heap-based buffer overflow in the cliscanpe function in libclamav/pe.c in ClamAV before 0.98.5 allows remote attackers to cause a denial of service crash via a crafted y0da Crypter PE file...

VulnCheck KEV: CVE-2013-3900

A remote code execution vulnerability exists in the way that the WinVerifyTrust function handles Windows Authenticode signature verification for PE files...

Altap Salamander 2.5 PE Viewer Buffer Overflow

No description provided by source. $Id: altapsalamanderpdb.rb 11353 2010-12-16 20:11:01Z egypt $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms...

PHP Libmagic Portable Executable Out-Of-Bounds Memory Access (CVE-2014-2270)

An out-of-bounds memory access vulnerability exists in PHP Libmagic. The vulnerability is due to the way the file utility determines the type of Portable Executable PE format files. A remote attacker can exploit this flaw by uploading a malicious PE file to a vulnerable server...

APPLE-SA-2014-02-11-1 Boot Camp 5.1

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 APPLE-SA-2014-02-11-1 Boot Camp 5.1 Boot Camp 5.1 is now available and addresses the following: Boot Camp Available for: Macs running Boot Camp 5 Impact: Loading a malformed executable file may cause memory corruption in the kernel Description: A boun...

Debian: Security Advisory (DSA-2873-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Updated file packages fix CVE-2014-2270

Updated file packages fix security vulnerability: A flaw was found in the way the file utility determined the type of Portable Executable PE format files, the executable format used on Windows. A malicious PE file could cause the file utility to crash or, potentially, execute arbitrary code...