Microsoft Windows cmd.exe - Stack Buffer Overflow Vulnerability

Title: Microsoft Windows cmd.exe - Stack Buffer Overflow Author: John Page aka hyp3rlinx Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-WINDOWS-CMD.EXE-STACK-BUFFER-OVERFLOW.txt ISR: ApparitionSec Vendor www.microsoft.com Product cmd.exe is the default command-line interpreter for t...

Backdoor.Win32.Whirlpool.10 Remote Stack Buffer Overflow

Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/bf0682b674ef23cf8ba0deeaf546f422.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Whirlpool.10 Vulnerability: Remote Stack Buffer Overflow Description: Whirlpool liste...

Microsoft Font Subsetting - DLL Heap Corruption in ComputeFormat4CmapData

Microsoft Font Subsetting - DLL Heap Corruption in ComputeFormat4CmapData -----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific glyphs...

Microsoft Font Subsetting - DLL Heap Corruption in ComputeFormat4CmapData

-----===== Background =====----- The Microsoft Font Subsetting DLL fontsub.dll is a default Windows helper library for subsetting TTF fonts; i.e. converting fonts to their more compact versions based on the specific glyphs used in the document where the fonts are embedded. It is used by Windows G...

Computerinsel Photoline SVG Parsing Code Execution Vulnerability

Summary An memory corruption vulnerability exists in the .SVG parsing functionality of Computerinsel Photoline 20.02. A specially crafted .SVG file can cause a vulnerability resulting in memory corruption, which can potentially lead to arbitrary code execution. An attacker can send a specific .SV...

Microsoft Application Verifier DoubleAgent Antivirus Hijacking Vulnerability

Microsoft Application Verifier is a code dynamic detection tool that comes with Microsoft Windows versions. Microsoft Application Verifier has a DoubleAgent vulnerability in the application code detection workaround. The vulnerability exists in the "verifier provider DLL" file. An attacker can...

Microsoft Application Verifier exposed 0day vulnerabilities, the impact of Trend Micro, Kaspersky, Symantec, including a large number of security products-vulnerability warning-the black bar safety net

Recently, Cybellum company found a 0-day vulnerability, can completely control most of the security product. This vulnerability is called“DoubleAgent”is a double-sided Spy, and many security vendors by DoubleAgent effects, including Avast, AVG, Avira, Bitdefender, Trend Micro, Comodo Comodo, ESET...

Unpatchable 'DoubleAgent' Attack Can Hijack All Windows Versions — Even Your Antivirus!

A team of security researchers from Cybellum, an Israeli zero-day prevention firm, has discovered a new Windows vulnerability that could allow hackers to take full control of your computer. Dubbed DoubleAgent, the new injecting code technique works on all versions of Microsoft Windows operating...

CVE-2017-6186

Code injection vulnerability in Bitdefender Total Security 12.0 and earlier, Internet Security 12.0 and earlier, and Antivirus Plus 12.0 and earlier allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any Bitdefender process via a...

Microsoft Office PowerPoint 2010 - GDI GDI32!ConvertDxArray Insufficient Bounds Check

Microsoft Office PowerPoint 2010 - GDI GDI32!ConvertDxArray Insufficient Bounds Check Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=951 Platform: GDI on Windows 7 x86 reachable from Microsoft Office 2010 Class: Out of bounds memory access The following crash was observed in...

Microsoft Office PowerPoint 2010 - GDI 'GDI32!ConvertDxArray' Insufficient Bounds Check

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=951 Platform: GDI on Windows 7 x86 reachable from Microsoft Office 2010 Class: Out of bounds memory access The following crash was observed in Microsoft Office 2010 running under Windows 7 x86 with Application Verifier enabled...

Microsoft Office PowerPoint 2010 - MSOOART Heap Out-of-Bounds Access

Microsoft Office PowerPoint 2010 - MSOOART Heap Out-of-Bounds Access Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=950 Platform: Microsoft Office 2010 on Windows 7 x86 Class: Time of check time of use leading to memory corruption The following crash was observed in Microsoft...

Microsoft Internet Explorer 9 - MSHTML CPtsTextParaclient::CountApes Out-of-Bounds Read

Microsoft Internet Explorer 9 - MSHTML CPtsTextParaclient::CountApes Out-of-Bounds Read oElement1 position: absolute; oElement2:after position: relative; content: counterx; onload = function oElement1 = document.createElement'oElement1'; document.documentElement.appendChildoElement1; oElement2 =...

Microsoft Office PowerPoint 2010 - Invalid Pointer Reference

Microsoft Office PowerPoint 2010 - Invalid Pointer Reference Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=866 The following crash was observed in Microsoft PowerPoint 2010 running under Windows 7 x86 with application verifier enabled. File versions are: mso.dll: 14.0.7166.500...

Microsoft Office PowerPoint 2010 - Invalid Pointer Reference

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=866 The following crash was observed in Microsoft PowerPoint 2010 running under Windows 7 x86 with application verifier enabled. File versions are: mso.dll: 14.0.7166.5000 ppcore.dll: 14.0.7168.5000 Attached crashing file:...

VMware Workstation - 'vprintproxy.exe' JPEG2000 Images Multiple Memory Corruptions

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=850 As already discussed in a number of reports in this tracker 285, 286, 287, 288, 289, 292, VMware Workstation current version 12.1.1 build-3770994 ships with a feature called "Virtual Printers", which enables the virtualized...

Microsoft Office 2007 - BIFFRecord Length Use-After-Free

Microsoft Office 2007 - BIFFRecord Length Use-After-Free Source: https://code.google.com/p/google-security-research/issues/detail?id=464 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and...

Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion

Source: https://code.google.com/p/google-security-research/issues/detail?id=465 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and reproduction. This bug did not reproduce in Office 2010 ...

Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion

Microsoft Office 2007 - OLESSDirectyEntry.CreateTime Type Confusion Source: https://code.google.com/p/google-security-research/issues/detail?id=465 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for...

Microsoft Office 2007 MSO.dll Arbitrary Free Exploit

Exploit for windows platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=417&can=1 The following crash was observed in Microsoft Office 2007 with Microsoft Office File Validation Add-In disabled and Application Verifier enabled for testing and...