Updated GravityRAT Malware Adds Advanced AV Detection

Researchers tracking the evolution of the remote access trojan GravityRAT warn that developers behind the malware have made key changes to the RAT’s code in an attempt to decrease antivirus detection. “We’ve seen file exfiltration, remote command execution capability and anti-vm techniques added...

Heap overflow

An exploitable heap corruption vulnerability exists in the DocGetFontTable functionality of AntennaHouse DMC HTMLFilter. A specially crafted doc file can cause a heap corruption resulting in arbitrary code execution. An attacker can send/provide malicious doc file to trigger this vulnerability...

The vulnerability of the LibXLST transformation library allows a attacker to cause a service failure or exert other effects.

The vulnerability of the numbers.c file in the LibXLST library is related to errors in name space handling. Exploiting this vulnerability can allow a malicious actor to cause service failures or other effects through a specially crafted document...

The vulnerability of the libxml2 library, which allows a hacker to trigger a service failure

The vulnerability of the htmlParseNameComplex function in the libxml2 library is caused by buffer overflow. Exploiting this vulnerability could allow an attacker to trigger a service failure memory overflow through the use of a specially crafted XML document...

CVE-2016-2073

The htmlParseNameComplex function in HTMLparser.c in libxml2 allows attackers to cause a denial of service out-of-bounds read via a crafted XML document...

Microsoft Internet Explorer vulnerable to buffer overflow via FRAME and IFRAME elements

Overview Microsoft Internet Explorer IE contains a buffer overflow vulnerability that can be exploited to execute arbitrary code with the privileges of the user running IE. Description A heap buffer overflow vulnerability exists in the way IE handles the SRC and NAME attributes of HTML elements...

Microsoft Internet Explorer 6 - ADODB.Stream Object File Installation

source: https://www.securityfocus.com/bid/10514/info Microsoft Internet Explorer is prone to a security weakness that may permit malicious HTML documents to create or overwrite files on a victim file system when interpreted from the Local Zone or other Security Zones with relaxed security...

Microsoft Internet Explorer 6 - ADODB.Stream Object File Installation

Microsoft Internet Explorer 6 - ADODB.Stream Object File Installation source: https://www.securityfocus.com/bid/10514/info Microsoft Internet Explorer is prone to a security weakness that may permit malicious HTML documents to create or overwrite files on a victim file system when interpreted fro...