Design/Logic Flaw

Untrusted search path vulnerability in Installer for PrimeDrive Desktop Application version 1.4.4 and earlier allows remote attackers to execute arbitrary code via a specially crafted executable file in an unspecified directory...

elfintils 'elf_compress.c' file denial of service vulnerability

elfutils is a collection of utilities and libraries for reading, creating and modifying ELF binaries. A denial of service vulnerability exists in the elfcompress.c file in elfutils version 0.168. A remote attacker can exploit this vulnerability to cause a denial of service memory consumption with...

DEBIAN-CVE-2017-7611

The checksymtabshndx function in elflint.c in elfutils 0.168 allows remote attackers to cause a denial of service heap-based buffer over-read and application crash via a crafted ELF file...

icoutils: Access to unallocated memory possible in extract.c

A vulnerability was found in icoutils, in the wrestool program. An attacker could create a crafted executable that, when read by wrestool, could result in failure to allocate memory or an over-large memcpy operation, leading to a crash...

Microsoft Windows Kernel Elevation of Privilege (MS17-017: CVE-2017-0050)

An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is due to the way Windows kernel API enforces permissions. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted executable...

CVE-2017-6009

A vulnerability was found in icoutils, in the wrestool program. An attacker could create a crafted executable that, when read by wrestool, could result in memory corruption leading to a crash or potential code execution...

Integer overflow

Integer overflow in the stringappends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow...

CVE-2016-2226

Integer overflow in the stringappends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow...

CVE-2016-2226

Integer overflow in the stringappends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow...

CVE-2017-5333

Integer overflow in the extractgroupiconcursorresource function in b/wrestool/extract.c in icoutils before 0.31.1 allows local users to cause a denial of service process crash or execute arbitrary code via a crafted executable file...

UBUNTU-CVE-2017-5332

The extractgroupiconcursorresource in wrestool/extract.c in icoutils before 0.31.1 can access unallocated memory, which allows local users to cause a denial of service process crash and execute arbitrary code via a crafted executable...

PT-2017-16436 · Icoutils +3 · Icoutils +3

Name of the Vulnerable Software and Affected Versions: icoutils versions prior to 0.31.1 Description: The issue is related to an integer overflow in the check offset function, which can be exploited by local users through a crafted executable. This can lead to a denial of service, causing the...

Microsoft Windows VHDFS Driver Elevation of Privilege (MS16-138: CVE-2016-7226)

An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is due to insufficient specification for a certain flag. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted executable...

Microsoft Windows VHDFS Driver Elevation of Privilege (MS16-138: CVE-2016-7225)

An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is due to insufficient specification for a certain flag. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted executable...

CVE-2016-1438

Cisco AsyncOS 9.7.0-125 on Email Security Appliance ESA devices allows remote attackers to bypass intended spam filtering via crafted executable content in a ZIP archive, aka Bug ID CSCuy39210...

file: limit the number of ELF notes processed

A flaw was found in the way the File Information fileinfo extension parsed Executable and Linkable Format ELF files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted ELF file...

Integer overflow

Integer signedness error in the AV engine before DAT 8145, as used in McAfee LiveSafe 14.0, allows remote attackers to cause a denial of service memory corruption and crash via a crafted packed executable...

Vulnerabilities of iOS and Mac OS X operating systems, which allow attackers to bypass the code signing protection mechanism

Vulnerabilities of iOS and Mac OS X operating systems exist due to insufficient checking of input data. Exploiting these vulnerabilities allows a local attacker to bypass the code signing protection mechanism by using a specially crafted executable file...

Android Debuggerd Debugger Device Memory Leak Vulnerability

debuggerd is a diagnostic daemon that comes with Android system for abnormal program exit. this process can detect program crash and output the process status information of the crashed program to the file and serial port. Debuggerd 4.0 Ice Cream Sandwich to Lollipop 5.x suffers from a security...

IBM Security AppScan Enterprise Arbitrary Code Execution Vulnerability

IBM Security AppScan Enterprise is a set of U.S. IBM Web application security testing solutions. Formerly known as IBM Rational AppScan Enterprise, the program supports simultaneous scanning of multiple Web applications , generate vulnerability reports and intelligent patching . IBM Security...