9293 matches found
gdal: Heap-buffer-overflow in ReadBITDOUBLE
Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=6516143747497984 Project: gdal Fuzzer: libFuzzergdalcadfuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x60d000000747 Crash State: ReadBITDOUB...
Microsoft Malware Protection Engine Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...
KLA11057 Arbitrary code execution vulnerability in Microsoft Malware Protection Engine
An improper scanning of specially designed files was found in Microsoft Malware Protection Engine in Microsoft Windows. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely by putting a specially designed file to a directory...
Subaru car software vulnerability analysis—never a failure of token-vulnerability warning-the black bar safety net
Not long ago, one from California car, information security researcher Aaron Guzman, in Australia, held a computer security conference to introduce a black into the Subaru car of the method. In his own 2017 Subaru WRX STI was found in a surprising number of software vulnerabilities, through these...
Description of the security update for Skype for Business 2016: June 13, 2017
Description of the security update for Skype for Business 2016: June 13, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft...
gdal: Heap-buffer-overflow in InventoryParseTime
Detailed report: https://oss-fuzz.com/testcase?key=5048248932761600 Project: gdal Fuzzer: libFuzzergdalfuzzer Fuzz target binary: gdalfuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address: 0x602000007cbd Crash State: InventoryParseTime...
Creating a Seamless User Experience with XenMobile Email Enrollment for Secure Mail SSO
With the recent Secure Mail update, you can now configure Citrix Secure Mail to provide single sign-on SSO for users through the use of an automatic provisioning mechanism during your first-time use. Secure Mail consumes the user credentials that users enter to authenticate to Secure Hub to...
gdal: Heap-buffer-overflow in memBitRead
Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=6434613171847168 Project: gdal Fuzzer: libFuzzergdalfuzzer Fuzz target binary: gdalfuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Heap-buffer-overflow READ 1 Crash Address:...
Threat Round-up for May 19 - May 26
Today, Talos is publishing a glimpse into the most prevalent threats we've observed between May 19 and May 26. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavior characteristics,...
Microsoft Malware Protection Engine Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...
Microsoft Malware Protection Engine Denial of Service Vulnerability
A denial of service vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to a scan timeout. An attacker who successfully exploited this vulnerability could prevent the Microsoft Malware Protection Engine from monitoring affecte...
Microsoft Malware Protection Engine Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...
Microsoft Malware Protection Engine Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...
Microsoft Malware Protection Engine Denial of Service Vulnerability
A denial of service vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to a scan timeout. An attacker who successfully exploited this vulnerability could prevent the Microsoft Malware Protection Engine from monitoring affecte...
Oracle Automatic Service Request Local Vulnerability (CNVD-2017-08075)
Oracle Automatic Service Request is the ability to quickly save the system state when hardware problems occur, with features such as a secure and accelerated diagnostic process, automatic service request generation, and prioritized service request processing. A local security vulnerability exists...
Oracle Automatic Service Request Local Vulnerability (CNVD-2017-08119)
Oracle Automatic Service Request is the ability to quickly save the system state when hardware problems occur, with features such as a secure and accelerated diagnostic process, automatic service request generation, and prioritized service request processing. A local security vulnerability exists...
Oracle Automatic Service Request Unauthorized Access Vulnerability
Oracle Automatic Service Request, which can quickly save the system state when there is a hardware problem, has the ability to safely speed up the diagnostic process, automatic service request generation, and prioritized service request processing. A local security vulnerability exists in the 'AS...
Oracle Automatic Service Request Elevation of Privilege Vulnerability
Oracle Automatic Service Request, which can quickly save the system state when there is a hardware problem, has the ability to safely speed up the diagnostic process, automatic service request generation, and prioritized service request processing. A local security vulnerability exists in the 'AS...
gdal: Heap-buffer-overflow in NASReader::SetFeaturePropertyDirectly
Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=4908186949648384 Project: gdal Fuzzer: libFuzzergdalogrfuzzer Fuzz target binary: ogrfuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Heap-buffer-overflow READ 4 Crash Address:...
gdal: Stack-buffer-overflow in gdal_printbuf_memappend
Project: https://github.com/OSGeo/gdal.git Detailed report: https://oss-fuzz.com/testcase?key=5789067830624256 Project: gdal Fuzzer: libFuzzergdalogrfuzzer Fuzz target binary: ogrfuzzer Job Type: libfuzzerasangdal Platform Id: linux Crash Type: Stack-buffer-overflow READ Crash Address:...