Buffer overflow

GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow of size 1 while attempting to unget an EOF character from the input stream, potentially leading to a program crash...

CVE-2017-7223

GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow of size 1 while attempting to unget an EOF character from the input stream, potentially leading to a program crash...

CVE-2017-7223

Technical details about CVE-2017-7223 are not provided in the supplied documents. Connected sources reference the CVE only at listing/advisory level without specifics. Monitor for updates.

CVE-2017-7223

GNU assembler in GNU Binutils 2.28 is vulnerable to a global buffer overflow of size 1 while attempting to unget an EOF character from the input stream, potentially leading to a program crash...

[SECURITY] Fedora 24 Update: binutils-2.26-18.fc24

Binutils is a collection of binary utilities, including ar for creating, modifying and extracting from archives, as a family of GNU assemblers, gprof for displaying call graph profile data, ld the GNU linker, nm for listing symbols from object files, objcopy for copying and translating object...

Vulnerabilities in the Thunderbird email client, as well as in the Firefox and Firefox ESR browsers, allow attackers to trigger service failures or execute arbitrary code.

The multiple vulnerabilities in the Thunderbird email client’s kernel, as well as in the Firefox and Firefox ESR browsers, are caused by buffer overflows. Exploitation of these vulnerabilities can allow a malicious actor to cause service interruptions memory corruption, application termination, o...

Memory corruption

Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 45.0 allow remote attackers to cause a denial of service memory corruption and application crash or possibly execute arbitrary code via vectors related to js/src/jit/arm/Assembler-arm.cpp, and unknown other vecto...

JReFrameworker - Practical Managed Code Rootkits for Java

This project aims to extend the work done by Erez Metula in his book Managed Code Rootkits: Hooking into Runtime Environments. The work outlines a tool ReFrameworker that claims to be a framework modification tool capable of performing any modification task, however the tool falls short in...

Scientific Linux Security Update : binutils on SL7.x x86_64 (20151119)

Multiple buffer overflow flaws were found in the libbdf library used by various binutils utilities. If a user were tricked into processing a specially crafted file with an application using the libbdf library, it could cause the application to crash or, potentially, execute arbitrary code...

CVE-2008-7177

Buffer overflow in the listing module in Netwide Assembler NASM before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719...

GNU Assembler Detection (Linux/Unix SSH Login)

Detects the installed version of GNU Assembler. The script logs in via ssh, searches for executable SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

The vulnerability of Firefox and Firefox ESR browsers allows a perpetrator to trigger a service failure.

The vulnerability of the js::jit::AssemblerX86Shared::lockaddl function in Firefox and Firefox ESR browsers is caused by a buffer overflow. Exploiting this vulnerability allows an attacker to cause a service failure by manipulating shared memory...

SuSE 11.3 Security Update : glibc (SAT Patch Number 10357)

glibc has ben updated to fix three security issues : - wordexp failed to honour WRDENOCMD bsc906371. CVE-2014-7817 - Fixed invalid file descriptor reuse while sending DNS query bsc915526. CVE-2013-7423 - Fixed buffer overflow in wscanf bsc916222 These non-security issues have been fixed:...

[SECURITY] Fedora 21 Update: binutils-2.24-30.fc21

Binutils is a collection of binary utilities, including ar for creating, modifying and extracting from archives, as a family of GNU assemblers, gprof for displaying call graph profile data, ld the GNU linker, nm for listing symbols from object files, objcopy for copying and translating object...

win32 SEH omelet shellcode 0.1

No description provided by source. A small piece of shellcode written in assembler that can scan the user-land address space for small blocks of memory eggs and recombine the eggs into one large block. When done, the large block is executed. This is useful when you can only insert small blocks at...

About Shellcodes in C

This is a follow up of our previous introductory post about shellcodes. Here we aim for coding more complex shellcodes directly in C. We'll mostly use default tools like gcc and as, at the end also a small python script to reorder and pack things. We'll play with linux but the concepts and script...

Duqu's 'Mystery Code' Not New – Just 'Old School'

Researchers around the world put their heads together and solved the identity of ‘mystery code’ in the Duqu Trojan horse program, researchers from Kaspersky Lab announced on Monday. Weeks after announcing that they had discovered computer code of unknown provenance in the innards of the Duqu...

[SECURITY] Fedora 14 Update: qtpfsgui-1.9.3-6.fc14

Qtpfsgui is a graphical program for assembling bracketed photos into High Dynamic Range HDR images. It also provides a number of tone-mapping operators for creating low dynamic range versions of HDR images...

Основы написания Win-шеллкода

В этой статье речь пойдет о написании простого шеллкода под Windows платформу. Статья является начальным этапом цикла статей, которые я, опираясь на материалы и труды зарубежных специалистов в данной области, планирую написать. Эта статья не насыщена всеобъемлющей информацией, однако её цель -...

CVE-2008-7177

Buffer overflow in the listing module in Netwide Assembler NASM before 2.03.01 has unknown impact and attack vectors, a different vulnerability than CVE-2008-2719...