BinDiff 8

BinDiff is an open-source comparison tool for binary files to quickly find differences and similarities in disassembled code...

CVE-2020-21490

An issue was discovered in GNU Binutils 2.34. It is a memory leak when process microblaze-dis.c. This one will consume memory on each insn disassembled...

CVE-2020-35587

Affected product: Solstice Pod firmware. Vulnerability: decompilation/disassembly yields non-obfuscated code in versions prior to 3.0.3; root cause and exact impact of lack of obfuscation are not explicitly quantified in the provided docs. Impact: not clearly stated beyond the presence of non-obf...

Delving deep into VBScript

In late April we found and wrote a description of CVE-2018-8174, a new zero-day vulnerability for Internet Explorer that was picked up by our sandbox. The vulnerability uses a well-known technique from the proof-of-concept exploit CVE-2014-6332 that essentially "corrupts" two memory objects and...

Recognizing and Avoiding Disassembled Junk

There is a common annoyance that seems to plague every reverse engineer and incident responder at some point in their career: wasting time or energy looking at junk code. Junk code is a sequence of bytes that you have disassembled that are not actual instructions executed as part of a program. In...

CVE-2015-1860 analysis: Qt module for processing GIFs cause a crash-bug warning-the black bar safety net

Vulnerability background Qt is a cross-platform graphical interface programming Framework, and its version is less than 4. 8. 7 and 5. x is less than 5. 4. 2 analytical picture of the process for cross-border inspections of improper handling, will result in the memcpy of the process occurs out of...

BinDiff Now Free, To Delight of Security Researchers

BinDiff is a constant presence inside a security researcher’s toolbox, ideal for patch and malware analysis or reverse engineering of code. The Google-owned software allows researchers to conduct side-by-side comparisons of binary files in disassembled code looking for differences in the samples...

Binary Analysis IDE: BinDiff

BinDiff is a comparison tool for binary files that helps to quickly find differences and similarities in disassembled code. It is used by security researchers and engineers across the globe to identify and isolate fixes for vulnerabilities in vendor-supplied patches and to analyze multiple versio...

Winamp 5.61 - 'in_midi' Component heap Overflow (crash only)

Exploit Title: Winamp 'inmidi' component heap overflow Date: 05/14/2011 Author: Alexander Gavrun http://0x1byte.blogspot.com/ Software Link: http://www.winamp.com/ Version: 5.61 Tested on: Windows 7 Vulnerability occur while parsing midi file with special crafted System Exclusive message type...

Winamp 5.61 'in_midi' component heap overflow (crash only)

Exploit for windows platform in category dos / poc Exploit Title: Winamp 'inmidi' component heap overflow Date: 05/14/2011 Author: Alexander Gavrun http://0x1byte.blogspot.com/ Software Link: http://www.winamp.com/ Version: 5.61 Tested on: Windows 7 Vulnerability occur while parsing midi file wit...