Lucene search
K

29 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2019-15105

Malware in sbrugna...

7.8CVSS7.7AI score0.00943EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 8:42 a.m.5 views

CVE-2019-5530

Windows binaries generated with InstallBuilder versions earlier than 19.7.0 are vulnerable to tampering even if they contain a valid Authenticode signature...

7.8CVSS6.9AI score0.00943EPSS
Exploits0References1
Rapid7 Blog
Rapid7 Blog
added 2024/05/23 1:0 p.m.32 views

CVE-2024-4978: Backdoored Justice AV Solutions Viewer Software Used in Apparent Supply Chain Attack

The following Rapid7 team members contributed to this blog: Ipek Solak, Thomas Elkins, Evan McCann, Matthew Smith, Jake McMahon, Tyler McGraw, Ryan Emmons, Stephen Fewer, and John Fenninger Overview Justice AV Solutions JAVS is a U.S.-based company specializing in digital audio-visual recording...

8.7CVSS8.8AI score0.26937EPSS
Exploits1
Vulnrichment
Vulnrichment
added 2024/05/23 1:56 a.m.17 views

CVE-2024-4978 Malicious Code in Justice AV Solutions (JAVS) Viewer

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands...

8.7CVSS7AI score0.26937EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/05/23 1:56 a.m.64 views

CVE-2024-4978 Malicious Code in Justice AV Solutions (JAVS) Viewer

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands...

8.7CVSS8.4AI score0.26937EPSS
Exploits1References3
CVE
CVE
added 2024/05/23 1:56 a.m.238 views

CVE-2024-4978

CVE-2024-4978 affects Justice AV Solutions (JAVS) Viewer v8.3.7 installed via the 8.3.7.250-1 bundle. The advisory documents a malicious binary (fffmpeg.exe) embedded in the installer and signed with an unexpected Vanguard Tech Limited Authenticode certificate. When executed, the binary can estab...

8.7CVSS8.3AI score0.26937EPSS
In wildExploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2024/05/23 12:0 a.m.23 views

CVE-2024-4978

Justice AV Solutions Viewer Setup 8.3.7.250-1 contains a malicious binary when executed and is signed with an unexpected authenticode signature. A remote, privileged threat actor may exploit this vulnerability to execute of unauthorized PowerShell commands. Recent assessments: Assessed Attacker...

8.7CVSS7AI score0.26937EPSS
In wildExploits1References4
exploitpack
exploitpack
added 2019/09/24 12:0 a.m.29 views

Microsoft Windows cryptoapi - SymCrypt Modular Inverse Algorithm Denial of Service

Microsoft Windows cryptoapi - SymCrypt Modular Inverse Algorithm Denial of Service There's a bug in the SymCrypt multi-precision arithmetic routines that can cause an infinite loop when calculating the modular inverse on specific bit patterns with bcryptprimitives!SymCryptFdefModInvGeneric. I've...

7.3AI score
Exploits0
Cvelist
Cvelist
added 2019/08/29 12:53 a.m.23 views

CVE-2019-5530

Windows binaries generated with InstallBuilder versions earlier than 19.7.0 are vulnerable to tampering even if they contain a valid Authenticode signature...

7.6AI score0.00943EPSS
Exploits0References1
Microsoft KB
Microsoft KB
added 2018/04/17 12:0 a.m.39 views

MS10-019: Description of the security update for Windows Authenticode Signature Verification: April 13, 2010

MS10-019: Description of the security update for Windows Authenticode Signature Verification: April 13, 2010 Support for Windows Vista Service Pack 1 SP1 ends on July 12, 2011. To continue receiving security updates for Windows, make sure you're running Windows Vista with Service Pack 2 SP2. For...

6.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2017/11/16 5:30 p.m.52 views

When you shouldn’t trust a trusted root certificate

Root certificates are the cornerstone of authentication and security in software and on the Internet. They're issued by a certified authority CA and, essentially, verify that the software/website owner is who they say they are. We have talked about certificates in general before, but a recent eve...

7.1AI score
Exploits0
Carbon Black Blog
Carbon Black Blog
added 2017/06/27 4:46 p.m.33 views

Protect Your Organization from Petya / NotPetya Ransomware with Carbon Black

Organizations from Russia to Britain were hit by a ransomware attack on Tuesday in a hack with similarities to the recent WannaCry attacks. Initial analysis showed that the malware seen is a recent variant of the Petya ransomware family based upon how it encrypts files and displays its ransom not...

7AI score
Exploits0
seebug.org
seebug.org
added 2017/04/04 12:0 a.m.118 views

Microsoft Windows PowerShell Security Feature Bypass Vulnerability (CVE-2017-0007)

Over the past few months, I have had the pleasure to work side-by-side with Matt Graeber @mattifestation and Casey Smith @subtee in their previous job roles, researching Device Guard user mode code integrity UMCI bypasses. If you aren't familiar with Device Guard, you can read more about it here:...

2.1CVSS6.5AI score0.11264EPSS
Exploits1
ThreatPost
ThreatPost
added 2015/06/15 11:21 a.m.13 views

Duqu 2.0 Attackers Used Stolen Foxconn Certificate to Sign Driver

The attackers behind the recently disclosed Duqu 2.0 APT have used stolen digital certificates to help sneak their malware past security defenses, and one of the certificates used in the attacks was issued to Foxconn, the Chinese company that manufactures products for Apple, BlackBerry, Dell, and...

0.3AI score
Exploits0References3
Check Point Advisories
Check Point Advisories
added 2014/01/20 12:0 a.m.70 views

Microsoft Windows WinVerifyTrust PE Validation Security Bypass (MS13-098; CVE-2013-3900)

A remote code execution vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the way the WinVerifyTrust function handles Windows Authenticode signature verification for portable executable PE files. A remote attacker could trigger this flaw by sending a...

7.6CVSS3.5AI score0.44647EPSS
Exploits1
NVD
NVD
added 2013/12/11 12:55 a.m.46 views

CVE-2013-3900

Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCheck is available in all currently supported versions of Windows 10 and Windows 11. While the forma...

8.8CVSS7.5AI score0.44647EPSS
Exploits1References4
Prion
Prion
added 2013/12/11 12:55 a.m.41 views

Input validation

The WinVerifyTrust function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 does not properly validate PE file digests during...

7.6CVSS8AI score0.44647EPSS
Exploits1References3Affected Software7
Symantec
Symantec
added 2013/12/10 12:0 a.m.347 views

Microsoft Windows CVE-2013-3900 Remote Code Execution Vulnerability

Description Microsoft Windows Authenticode Signature Verification is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting victim to run or install a specially modified signed Portable Executable PE file. Successful exploits can allow attacke...

7.6CVSS8.2AI score0.44647EPSS
Exploits1Affected Software14
OpenVAS
OpenVAS
added 2012/04/11 12:0 a.m.44 views

Windows Authenticode Signature Remote Code Execution Vulnerability (2653956)

This host is missing a critical security update according to Microsoft Bulletin MS12-024. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.3CVSS5.5AI score0.8878EPSS
Exploits1References5
NVD
NVD
added 2012/04/10 9:55 p.m.26 views

CVE-2012-0151

The Authenticode Signature Verification function in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview does not properly validate the digest of a signed portable executable P...

9.3CVSS7.3AI score0.8878EPSS
Exploits1References7
Rows per page
Query Builder