ThreatsDay Bulletin: AI Tools in Malware, Botnets, GDI Flaws, Election Attacks & More

Cybercrime has stopped being a problem of just the internet — it's becoming a problem of the real world. Online scams now fund organized crime, hackers rent violence like a service, and even trusted apps or social platforms are turning into attack vectors. The result is a global system where ever...

SUSE CVE-2008-2238

Multiple integer overflows in OpenOffice.org OOo 2.x before 2.4.2 allow remote attackers to execute arbitrary code via crafted EMR records in an EMF file associated with a StarOffice/StarSuite document, which trigger a heap-based buffer overflow...

Microsoft Windows EMF Parsing Integer Truncation Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

CVE-2017-11249

Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the image conversion engine when parsing an invalid Enhanced Metafile Format EMF record. Successful exploitation...

Windows gdi32.dll heap-based out-of-bounds reads / memory disclosure (CVE-2017-0038)

In issue 757, I described multiple bugs related to the handling of DIBs Device Independent Bitmaps embedded in EMF records, as implemented in the user-mode Windows GDI library gdi32.dll. As a quick reminder, the DIB-embedding records follow a common scheme: they include four fields, spots denotin...

Microsoft Graphics Component 'gdi32.dll' Information Disclosure Vulnerability (MS17-013)

'gdi32.dll SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.809889";...

Microsoft Windows gdi32.dll - EMR_SETDIBITSTODEVICE Heap-Based Out-of-Bounds Reads Exploit

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=992 In issue 757, I described multiple bugs related to the handling of DIBs Device Independent Bitmaps embedded in EMF records, as implemented in the user-mode Windows GDI library...

Microsoft Windows - gdi32.dll EMR_SETDIBITSTODEVICE Heap Out-of-Bounds Reads Memory Disclosure

Microsoft Windows - gdi32.dll EMRSETDIBITSTODEVICE Heap Out-of-Bounds Reads Memory Disclosure Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=992 In issue 757, I described multiple bugs related to the handling of DIBs Device Independent Bitmaps embedded in EMF records, as...

Microsoft Windows - 'gdi32.dll' EMR_SETDIBITSTODEVICE Heap Out-of-Bounds Reads / Memory Disclosure

Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=992 In issue 757, I described multiple bugs related to the handling of DIBs Device Independent Bitmaps embedded in EMF records, as implemented in the user-mode Windows GDI library gdi32.dll. As a quick reminder, the DIB-embedding...