4739 matches found

CNVD
added 2018/02/26 12:0 a.m. | 1 views

Sean Barrett stb_vorbis Buffer Overflow Vulnerability

Sean Barrett stb_vorbis is a single-file public domain library based on C++. A buffer overflow vulnerability exists in the entire vorbis decoding path in Sean Barrett stb_vorbis 1.12 and earlier. An attacker can exploit this vulnerability to corrupt memory, cause a denial of service, and execute a...

8.8 CVSS | 7.5 AI score | 0.00645 EPSS
Exploits 0 | References 1
UbuntuCve
added 2018/02/15 9:29 p.m. | 30 views

CVE-2018-7173

A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding...

5.5 CVSS | 6 AI score | 0.00148 EPSS
Exploits 0 | References 2
OSV
added 2018/02/15 9:29 p.m. | 1 views

UBUNTU-CVE-2018-7173

A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding...

5.5 CVSS | 6 AI score | 0.00148 EPSS
Exploits 0 | References 3
Prion
added 2018/02/15 9:29 p.m. | 25 views

Design/Logic Flaw

A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding...

4.3 CVSS | 5.3 AI score | 0.00148 EPSS
Exploits 0 | References 1 | Affected Software 1
Debian CVE
added 2018/02/15 9:0 p.m. | 29 views

CVE-2018-7173

A large loop in JBIG2Stream::readSymbolDictSeg in xpdf 4.00 allows an attacker to cause denial of service via a specific file due to inappropriate decoding...

5.5 CVSS | 3.9 AI score | 0.00148 EPSS
Exploits 0
CVE
added 2018/02/15 9:0 p.m. | 56 views

CVE-2018-7173

CVE-2018-7173 affects xpdf 4.00. A large loop in JBIG2Stream::readSymbolDictSeg can be exploited by a crafted PDF/file to trigger a denial of service. The description and connected sources consistently describe DoS via inappropriate decoding in JBIG2Stream::readSymbolDictSeg; no patch/version det...

5.5 CVSS | 5.2 AI score | 0.00148 EPSS
Exploits 0 | References 1 | Affected Software 1
OSV
added 2018/02/15 4:29 p.m. | 1 views

CVE-2017-15341

Huawei AR3200 V200R008C20, V200R008C30, TE40 V600R006C00, TE50 V600R006C00, TE60 V600R006C00 have a denial of service vulnerability. The software decodes X.509 certificate in an improper way. A remote unauthenticated attacker could send a crafted X.509 certificate to the device. Successful exploi...

7.5 CVSS | 5.8 AI score | 0.00146 EPSS
Exploits 0 | References 1
CVE
added 2018/02/15 4:0 p.m. | 57 views

CVE-2017-15341

The CVE-2017-15341 issue affects Huawei AR3200 (V200R008C20/V200R008C30) and TE40/TE50/TE60 platforms (V600R006C00). The root cause is improper decoding of X.509 certificates, enabling a remote unauthenticated attacker to trigger a denial of service on the device. Public references indicate DoS i...

7.5 CVSS | 7.4 AI score | 0.00146 EPSS
Exploits 0 | References 1 | Affected Software 1
ThreatPost
added 2018/02/15 12:31 p.m. | 98 views

Word-based Malware Attack Doesn’t Use Macros

Typically, inbox-based attacks that include malicious Microsoft Office attachments require adversaries to trick users into enabling macros. But researchers say they have identified a new malicious email campaign that uses booby-trapped Office attachments that are macro-free. The attacks do not...

9.3 CVSS | 0.94354 EPSS
Exploits 33 | References 4
OSV
added 2018/02/12 3:19 p.m. | 1 views

USN-3565-1 exim4 vulnerability

Meh Chang discovered that Exim incorrectly handled memory in certain decoding operations. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8 CVSS | 7.4 AI score | 0.86592 EPSS
Exploits 19 | References 2
Ubuntu
added 2018/02/12 3:19 p.m. | 95 views

USN-3565-1: Exim vulnerability

Meh Chang discovered that Exim incorrectly handled memory in certain decoding operations. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8 CVSS | 8.3 AI score | 0.86592 EPSS
Exploits 19
OSV
added 2018/02/09 11:29 p.m. | 14 views

CVE-2018-1000050

Sean Barrett stb_vorbis version 1.12 and earlier contains a Buffer Overflow vulnerability in All vorbis decoding paths. that can result in memory corruption, denial of service, comprised execution of host program. This attack appear to be exploitable via Victim must open a specially crafted Ogg...

8.8 CVSS | 8.9 AI score
Exploits 0 | References 1
CNVD
added 2018/02/09 12:0 a.m. | 3 views

Exim SMTP Mail Server Buffer Overflow Vulnerability

Exim is an MTA (Mail Transfer Agent) server software, developed under the GPL as open source software. It mainly runs on UNIX-like systems and is usually used together with Dovecot or Courier and other software. A buffer overflow vulnerability exists...

9.8 CVSS | 7.8 AI score | 0.86592 EPSS
Exploits 19 | References 1
ATTACKERKB
added 2018/02/08 12:0 a.m. | 179 views

Exim SMTP server RCE via base64d

Exim SMTP email server versions before 4.90 are vulnerable to remote code execution via a vulnerability in Base64 decoding. Recent assessments: asoto-r7 at June 25, 2019 6:25pm UTC reported: There are a few PoCs for this one. Exim is a bear to setup and I wouldn’t be shocked to find unpatched...

9.8 CVSS | 4.7 AI score | 0.86592 EPSS
Exploits 19 | References 1
Kitploit
added 2018/02/04 1:30 p.m. | 15 views

IDAsec - IDA plugin for reverse-engineering and dynamic interactions with the Binsec platform

IDA plugin for reverse-engineering and dynamic interactions with the Binsec platform. Features: decoding an instruction in DBA IR; loading execution traces generated by Pinsec; triggering analyses on Binsec and retrieving results. Dependencies: protobuf; ZMQ; capstone for trace disassembly; graphviz to dr...

7.5 AI score
Exploits 0 | References 1
Citrix
added 2018/01/30 12:0 a.m. | 4 views

New Lossless Compression Codec (MDRLE) Added to HDX Thinwire Graphics

There are 3 Thinwire bitmap encoding modes used in current XenApp and XenDesktop Server OS and Desktop OS VDA graphics remoting: Full screen H.264; Thinwire Plus; Thinwire Plus with selective H.264. Legacy GDI remoting uses the XPDM Remoting driver and so does not use a Thinwire bitmap encoder. Curre...

7.1 AI score
Exploits 0
CNVD
added 2018/01/26 12:0 a.m. | 3 views

ImpulseAdventure JPEGsnoop De-Zero Denial of Service Vulnerability

ImpulseAdventure JPEGsnoop is a Windows-based application for decoding JPEG files. The program is used to check and decode the internal information of JPEG, MotionJPEG and PhotoShop files. A numeric error vulnerability exists in the JFIF decoding processing in ImpulseAdventure JPEGsnoop version...

7.5 CVSS | 6.6 AI score | 0.00334 EPSS
Exploits 0 | References 1
Fedora
added 2018/01/23 9:52 p.m. | 31 views

[SECURITY] Fedora 27 Update: libtasn1-4.13-1.fc27

A library that provides Abstract Syntax Notation One (ASN.1, as specified by the X.680 ITU-T recommendation) parsing and structures management, and Distinguished Encoding Rules (DER, as per X.690) encoding and decoding functions...

7.5 CVSS | 3.5 AI score | 0.02547 EPSS
Exploits 0
CVE
added 2018/01/22 8:0 p.m. | 182 views

CVE-2018-6003

CVE-2018-6003 affects GNU Libtasn1 (libtasn1) with unlimited recursion in _asn1_decode_simple_ber in decoding.c, leading to stack exhaustion and DoS. Affected product: Cloud Pak for Security (CP4S) versions 1.8.1.0, 1.8.0.0, 1.7.2.0. Remediation: upgrade to CP4S 1.9.0.0. See remediation guidance ...

7.5 CVSS | 7.2 AI score | 0.02547 EPSS
Exploits 0 | References 7 | Affected Software 1
OSV
added 2018/01/22 12:0 a.m. | 0 views

UBUNTU-CVE-2018-6003

An issue was discovered in the _asn1_decode_simple_ber function in decoding.c in GNU Libtasn1 before 4.13. Unlimited recursion in the BER decoder leads to stack exhaustion and DoS...

7.5 CVSS | 7.1 AI score | 0.02547 EPSS
Exploits 0 | References 7