AppCheck and AppCheck Pro Untrustworthy Search Path Vulnerabilities

AppCheck and AppCheck Pro are both anti-tampering software. An untrusted search path vulnerability exists in AppCheck versions prior to 2.0.1.15 and AppCheck Pro versions prior to 2.0.1.15. An attacker can exploit this vulnerability to execute arbitrary code with the help of a specially crafted...

UBUNTU-CVE-2017-9038

GNU Binutils 2.28 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file, related to the bytegetlittleendian function in elfcomm.c, the getunwindsectionword function in readelf.c, and ARM unwind information that contains inval...

CVE-2017-2167

Untrusted search path vulnerability in Installer for PrimeDrive Desktop Application version 1.4.4 and earlier allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory...

Design/Logic Flaw

Untrusted search path vulnerability in Installer for PrimeDrive Desktop Application version 1.4.4 and earlier allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory...

elfintils 'elf_compress.c' file denial of service vulnerability

elfutils is a collection of utilities and libraries for reading, creating and modifying ELF binaries. A denial of service vulnerability exists in the elfcompress.c file in elfutils version 0.168. A remote attacker can exploit this vulnerability to cause a denial of service memory consumption with...

DEBIAN-CVE-2017-7611

The checksymtabshndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file...

icoutils: Access to unallocated memory possible in extract.c

A vulnerability was found in icoutils, in the wrestool program. An attacker could create a crafted executable that, when read by wrestool, could result in failure to allocate memory or an over-large memcpy operation, leading to a crash...

Microsoft Windows Kernel Elevation of Privilege (MS17-017: CVE-2017-0050)

An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is due to the way Windows kernel API enforces permissions. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted executable...

CVE-2017-6009

A vulnerability was found in icoutils, in the wrestool program. An attacker could create a crafted executable that, when read by wrestool, could result in memory corruption leading to a crash or potential code execution...

Integer overflow

Integer overflow in the stringappends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow...

CVE-2016-2226

Integer overflow in the stringappends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow...

CVE-2016-2226

Integer overflow in the stringappends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow...

CVE-2017-5333

Integer overflow in the extractgroupiconcursorresource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service process crash or execute arbitrary code via a crafted executable file...

PT-2017-16436 · Icoutils +3 · Icoutils +3

Name of the Vulnerable Software and Affected Versions: icoutils versions prior to 0.31.1 Description: The issue is related to an integer overflow in the check offset function, which can be exploited by local users through a crafted executable. This can lead to a denial of service, causing the...

UBUNTU-CVE-2017-5332

The extractgroupiconcursorresource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service process crash and execute arbitrary code via a crafted executable...

Microsoft Windows VHDFS Driver Elevation of Privilege (MS16-138: CVE-2016-7226)

An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is due to insufficient specification for a certain flag. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted executable...

Microsoft Windows VHDFS Driver Elevation of Privilege (MS16-138: CVE-2016-7225)

An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is due to insufficient specification for a certain flag. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted executable...

CVE-2016-1438

Cisco AsyncOS 9.7.0-125 on Email Security Appliance ESA devices allows remote attackers to bypass intended spam filtering via crafted executable content in a ZIP archive, aka Bug ID CSCuy39210...

file: limit the number of ELF notes processed

A flaw was found in the way the File Information fileinfo extension parsed Executable and Linkable Format ELF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file...

Integer overflow

Integer signedness error in the AV engine before DAT 8145, as used in McAfee LiveSafe 14.0, allows remote attackers to cause a denial of service memory corruption and crash via a crafted packed executable...