8 matches found
HEUR.Trojan.Win32.Delf.gen Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/058ef1acc6456a924737d940f3cf81aa.txt Contact: [email protected] Media: twitter.com/malvuln Threat: HEUR.Trojan.Win32.Delf.gen Vulnerability: Insecure Permissions Description: The Batch VirusGen malwa...
Trojan-Spy.Win32.WinSpy.vwl Insecure Permissions
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/0187e62ca40cb3d556a2c5825620bd8f.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Trojan-Spy.Win32.WinSpy.vwl Vulnerability: Insecure Permissions EoP Description: WinSpy.vwl create t...
Crouzet em4 soft 1.1.04 / M3 soft 3.1.2.0 Insecure File Permissions
Crouzet em4 soft 1.1.04 and M3 soft 3.1.2.0 Insecure File Permissions Vendor: Crouzet Automatismes SAS Product web page: http://www.crouzet-automation.com Affected version: em4 soft 1.1.04 and 1.1.03.01 M3 soft 3.1.2.0 Summary: em4 is more than just a nano-PLC. It is a leading edge device...
On Windows, Fisheye attempts to make ssh keys private but appears to be unsucessful
While testing FE-4315 on Windows, I noticed that even when generating a private key using Fisheye, the files permissions do not appear to actually change. The code to make the file private is this, in FileSystemUtils: code if SystemUtils.ISOSWINDOWS String username = System.getenv"USERNAME"; Stri...
On Windows, Fisheye attempts to make ssh keys private but appears to be unsucessful
While testing FE-4315 on Windows, I noticed that even when generating a private key using Fisheye, the files permissions do not appear to actually change. The code to make the file private is this, in FileSystemUtils: code if SystemUtils.ISOSWINDOWS String username = System.getenv"USERNAME"; Stri...
Valve Steam Client Application 1559/1559 - Local Privilege Escalation
Valve Steam Client Application v1559/1559 Local Privilege Escalation Vendor: Valve Corporation Product web page: http://www.steampowered.com Affected version: Built: Jun 1, 2011 at 15:31:24 Steam API: v010 Steam package versions 1559 / 1559 File version: 1.0.968.628 Summary: Steam is a digital...
Microsoft Windows嵌入式OpenType字体引擎整数溢出漏洞(MS10-076)
BUGTRAQ ID: 43775 CVE ID: CVE-2010-1883 Microsoft Windows是微软发布的非常流行的操作系统。 Windows的t2embed.dll库中在将嵌入式OpenType文件转换为TrueType格式时存在整数溢出漏洞。在解析hdmx记录时,盲目的信任了记录大小和记录计数变量,并将所生成的值在拷贝循环中使用,这可能导致执行任意代码。 Microsoft Windows XP SP3 Microsoft Windows XP Pro x64版SP2 Microsoft Windows Vista SP2 Microsoft Windows...
Microsoft Office WPG图形文件处理堆溢出漏洞(MS08-044)
BUGTRAQ ID: 30598 CVECAN ID: CVE-2008-3021 Microsoft Office是非常流行的办公软件套件。 Office的WPGIMP32.FLT模块没有正确地处理office文档中的PICT图形,如果PICT图形文件中包含有超长的bitsperpixel字段的话,则打开该文件就可能触发堆溢出,导致执行任意代码。 Microsoft Office XP SP3 Microsoft Office Converter Pack Microsoft Office 2003 Service Pack 2 Microsoft Office 2000 SP3...