3 matches found
CVE-2019-16941
NSA Ghidra through 9.0.4, when experimental mode is enabled, allows arbitrary code execution if the Read XML Files feature of Bit Patterns Explorer is used with a modified XML document. This occurs in Features/BytePatterns/src/main/java/ghidra/bitpatterns/info/FileBitPatternInfoReader.java. An...
New Bug Found in NSA’s Ghidra Tool
A medium severity bug reported on Saturday impacts Ghidra, a free, open-source software reverse-engineering tool released by the National Security Agency earlier this year. The vulnerability allows a remote attacker to compromise exposed systems, according to a NIST National Vulnerability Databas...
CVE-2019-16941
CVE-2019-16941 affects NSA Ghidra up to 9.0.4. When the experimental mode is enabled, the Read XML Files feature of Bit Patterns Explorer can deserialize a modified XML document (originally produced by DumpFunctionPatternInfoScript) to trigger arbitrary code execution via Java runtime (e.g., Runt...