Lucene search
K

243 matches found

hivepro
hivepro
added 2022/02/15 7:35 a.m.23 views

Threat Campaign by Molerats uses NimbleMamba Malware to target Middle East

THREAT LEVEL: Red. For a detailed advisory, download the pdf file here An APT group Molerats associated with Gaza has launched a new threat campaign using a malware NimbleMamba aimed at Middle Eastern governments, foreign policy think tanks, and even a state-owned airline. The current attack was...

1AI score
Exploits0
Cisco
Cisco
added 2019/10/02 4:0 p.m.147 views

Cisco Firepower System Software Detection Engine RTF and RAR Malware and File Policy Bypass Vulnerabilities

Multiple vulnerabilities in the Cisco Firepower System Software Detection Engine could allow an unauthenticated, remote attacker to bypass configured Malware and File Policies for RTF and RAR file types. For more information about these vulnerabilities, see the Details "details" section of this...

5.8CVSS1AI score0.01455EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2019/05/13 12:0 a.m.34 views

EulerOS Virtualization 3.0.1.0 : libarchive (EulerOS-SA-2019-1470)

According to the versions of the libarchive package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in libarchive. A specially crafted MTREE file could cause a small out-of-bounds read, potentially...

8.8CVSS7.5AI score0.11992EPSS
Exploits13References25
Prion
Prion
added 2019/04/08 7:29 p.m.23 views

Design/Logic Flaw

A vulnerability in the RAR file scanning functionality of Clam AntiVirus ClamAV Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanism...

6.8CVSS7.4AI score0.018EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2019/04/08 7:5 p.m.41 views

CVE-2019-1785

A vulnerability in the RAR file scanning functionality of Clam AntiVirus ClamAV Software versions 0.101.1 and 0.101.0 could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to a lack of proper error-handling mechanism...

9.8CVSS8.6AI score0.018EPSS
Exploits0
CVE
CVE
added 2019/04/08 7:5 p.m.157 views

CVE-2019-1785

CVE-2019-1785 affects ClamAV, specifically the RAR file scanning path in versions 0.101.1 and 0.101.0. The issue stems from improper input validation/error handling when processing nested RAR files, enabling an unauthenticated, remote attacker to cause a denial of service and potentially view or ...

9.8CVSS7.5AI score0.018EPSS
Exploits0References2Affected Software1
Veracode
Veracode
added 2018/10/16 7:44 a.m.32 views

Remote Code Execution (RCE)

libarchive.so is vulnerable to remote code execution. A RAR file with an invalid zero dictionary size was not properly validated which leads to a zero-sized allocation for the dictionary storage and overwritten during the dictionary initialization, allowing a remote attacker to execute arbitrary...

7.8CVSS8.3AI score0.04757EPSS
Exploits2References2Affected Software1
Veracode
Veracode
added 2018/07/31 1:22 p.m.28 views

Denial Of Service (DoS)

libarchive.so is vulnerable to denial of service DoS attacks. A malicious user can pass a rar file to the archivereadformatrarreaddata function in archivereadsupportformatrar.c, causing uninitialized memory to be accessed that can crash the applications...

5.5CVSS6AI score0.01995EPSS
Exploits1References2Affected Software1
Veracode
Veracode
added 2018/07/31 8:12 a.m.23 views

Denial Of Service (DoS)

libarchive.so is vulnerable to denial of service DoS attacks. A malicious user can pass a rar file to the copyfromlzsswindow function in archivereadsupportformatrar.c file to cause an out-of-bounds read that can crash the application...

5.5CVSS6AI score0.023EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2018/04/06 12:0 a.m.8 views

The vulnerability of the Microsoft Malware Protection Engine’s protection module against malicious programs arises from insufficient validation of input data, allowing attackers to execute arbitrary code.

The vulnerability of the Microsoft Malware Protection Engine’s protection module mpengine.dll is related to insufficient input data validation. Exploiting this vulnerability allows a malicious actor to execute arbitrary code with SYSTEM privileges using a specially crafted rar file...

10CVSS8.2AI score0.61482EPSS
Exploits2References7Affected Software2
Tenable Nessus
Tenable Nessus
added 2017/10/23 12:0 a.m.29 views

GLSA-201710-21 : Kodi: Arbitrary code execution

The remote host is affected by the vulnerability described in GLSA-201710-21 Kodi: Arbitrary code execution Kodi is vulnerable due to shipping with an embedded version of UnRAR. Please review the referenced CVE identifier for details. Impact : A remote attacker, by enticing a user to process a...

10CVSS8.6AI score0.10027EPSS
Exploits4References2
Gentoo Linux
Gentoo Linux
added 2017/10/22 12:0 a.m.94 views

Kodi: Arbitrary code execution

Background Kodi is a free and open source media-center and entertainment hub previously known as XBMC. Description Kodi is vulnerable due to shipping with an embedded version of UnRAR. Please review the referenced CVE identifier for details. Impact A remote attacker, by enticing a user to process...

10CVSS9.6AI score0.10027EPSS
Exploits4
exploitpack
exploitpack
added 2017/06/23 12:0 a.m.22 views

unrar 5.40 - VMSF_DELTA Filter Arbitrary Memory Write

unrar 5.40 - VMSFDELTA Filter Arbitrary Memory Write Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=1286&desc=6 It appears that the VMSFDELTA memory corruption that was reported to Sophos AV in 2012 and fixed there was actually inherited from upstream unrar. For unknown reasons...

0.4AI score
Exploits0
OpenVAS
OpenVAS
added 2017/04/25 12:0 a.m.26 views

Symantec Endpoint Protection Small Business Edition RAR File Parser DoS Vulnerabilities

Symantec Endpoint Protection Small Business Edition is prone to denial of service vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

5.5CVSS5.8AI score0.06877EPSS
Exploits3References5
Prion
Prion
added 2017/04/14 6:59 p.m.14 views

Out-of-bounds

The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network ATP; Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection SEP for Windows before 12.1.6 MP5; Symantec Endpoint Protection SEP for Mac;...

4.3CVSS6.8AI score0.06877EPSS
Exploits2References8Affected Software9
Prion
Prion
added 2017/04/14 6:59 p.m.18 views

Memory corruption

The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network ATP; Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection SEP for Windows before 12.1.6 MP5; Symantec Endpoint Protection SEP for Mac;...

4.3CVSS6.8AI score0.05307EPSS
Exploits2References8Affected Software9
NVD
NVD
added 2017/04/14 6:59 p.m.23 views

CVE-2016-5310

The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network ATP; Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection SEP for Windows before 12.1.6 MP5; Symantec Endpoint Protection SEP for Mac;...

5.5CVSS5.3AI score0.05307EPSS
Exploits2References8
Cvelist
Cvelist
added 2017/04/14 6:0 p.m.29 views

CVE-2016-5310

The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network ATP; Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection SEP for Windows before 12.1.6 MP5; Symantec Endpoint Protection SEP for Mac;...

5.2AI score0.05307EPSS
Exploits2References8
Cvelist
Cvelist
added 2017/04/14 6:0 p.m.27 views

CVE-2016-5309

The RAR file parser component in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection: Network ATP; Symantec Email Security.Cloud; Symantec Data Center Security: Server; Symantec Endpoint Protection SEP for Windows before 12.1.6 MP5; Symantec Endpoint Protection SEP for Mac;...

5.2AI score0.06877EPSS
Exploits2References8
CVE
CVE
added 2017/04/14 6:0 p.m.62 views

CVE-2016-5310

CVE-2016-5310 covers a denial-of-service memory-corruption issue in the RAR file parser/decompressor across Symantec products (ATP, various SEP variants, SPE, SMSG, SMSDOM, SPSS, SMSMSE, SEPC, SEPC, etc.). The root cause is mishandling of crafted RAR archives in the decompression path, leading to...

5.5CVSS5.1AI score0.05307EPSS
Exploits2References8Affected Software15
Rows per page
Query Builder