36 matches found
Hopper Disassembler ELF Section Header Size Code Execution Vulnerability(CVE-2016-8390)
Summary An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper App. A specially crafted ELF file can cause attacker controlled pointer arithmetic resulting in a partially controlled out of bounds write. An attacker can craft an ELF file with...
XAMPP 7.1.1-0-VC14 DLL Hijacking
Hi @ll, xampp-win32-7.1.1-0-VC14-installer.exe, available from , is vulnerable, dangerous and defective. ALL other executable installers built with BitRock InstallBuilder which of course includes BitRocks InstallBuilder itself are vulnerable and defective too. 0. DANGEROUS 0.a It instructs its...
Hopper Disassembler ELF Section Header Size Code Execution Vulnerability
Summary An exploitable out of bounds write vulnerability exists in the parsing of ELF Section Headers of Hopper App. A specially crafted ELF file can cause attacker controlled pointer arithmetic resulting in a partially controlled out of bounds write. An attacker can craft an ELF file with...
Avira - Heap Underflow Parsing PE Section Headers
Avira - Heap Underflow Parsing PE Section Headers Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=765 One of the things you might expect an Antivirus engine to do reliably is parse PE files. However, after some simple testing with Avira, I found a heap underflow that is, writing...
Amazon Linux AMI : file (ALAS-2015-497)
The ELF parser in file 5.08 through 5.21 allows remote attackers to cause a denial of service via a large number of notes. CVE-2014-9620 The ELF parser readelf.c in file before 5.21 allows remote attackers to cause a denial of service CPU consumption or crash via a large number of 1 program or 2...
CVE-2014-8116
The ELF parser readelf.c in file before 5.21 allows remote attackers to cause a denial of service CPU consumption or crash via a large number of 1 program or 2 section headers or 3 invalid capabilities...
Design/Logic Flaw
The ELF parser readelf.c in file before 5.21 allows remote attackers to cause a denial of service CPU consumption or crash via a large number of 1 program or 2 section headers or 3 invalid capabilities...
EUVD-2014-7961
The ELF parser readelf.c in file before 5.21 allows remote attackers to cause a denial of service CPU consumption or crash via a large number of 1 program or 2 section headers or 3 invalid capabilities...
CVE-2014-8116
The ELF parser readelf.c in file before 5.21 allows remote attackers to cause a denial of service CPU consumption or crash via a large number of 1 program or 2 section headers or 3 invalid capabilities...
CVE-2014-8116
The ELF parser readelf.c in file before 5.21 allows remote attackers to cause a denial of service CPU consumption or crash via a large number of 1 program or 2 section headers or 3 invalid capabilities...
CVE-2014-8116
The ELF parser readelf.c in file before 5.21 allows remote attackers to cause a denial of service CPU consumption or crash via a large number of 1 program or 2 section headers or 3 invalid capabilities...
UBUNTU-CVE-2014-8116
The ELF parser readelf.c in file before 5.21 allows remote attackers to cause a denial of service CPU consumption or crash via a large number of 1 program or 2 section headers or 3 invalid capabilities...
CVE-2014-8485
The setupgroup function in bfd/elf.c in libbfd in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted section group headers in an ELF file...
security flaw
Integer overflow in the Binary File Descriptor BFD library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer...
security flaw
Integer overflow in the Binary File Descriptor BFD library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer...
DEBIAN-CVE-2005-1704
Integer overflow in the Binary File Descriptor BFD library for gdb before 6.3, binutils, elfutils, and possibly other packages, allows user-assisted attackers to execute arbitrary code via a crafted object file that specifies a large number of section headers, leading to a heap-based buffer...