Denial of Service Vulnerability in WPS Office 2016 Presentation (CNVD-2018-04912)

WPS office is an office software suite independently developed by Kingsoft Corporation. A denial of service vulnerability exists in WPS presentation wpp.exe in WPS when parsing a specific pptx file, which can be exploited by attackers to cause a denial of service attack...

Stack Overflow Vulnerability in WPS Office 2016 Presentation

WPS office is an office software suite independently developed by Kingsoft Corporation. A stack overflow vulnerability exists in WPS presentation wpp.exe in WPS when parsing a specific pptx file, which can be exploited by an attacker to cause a denial of service attack...

DEBIAN-CVE-2018-7570

The assignfilepositionsfornonloadsections function in elf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service NULL pointer dereference and application crash via an ELF file with a RELRO segment that lack...

DEBIAN-CVE-2018-7569

dwarf2.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service integer underflow or overflow, and application crash via an ELF file with a corrupt DWARF FORM block, as demonstrated by nm...

UBUNTU-CVE-2018-7568

The parsedie function in dwarf1.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.30, allows remote attackers to cause a denial of service integer overflow and application crash via an ELF file with corrupt dwarf1 debug information, as demonstrated by nm...

CannibalRAT targets Brazil

This post was authored by Warren Mercer and Vitor Ventura Introduction Talos has identified two different versions of a RAT, otherwise known as a remote access trojan, that has been written entirely in Python and is wrapped into a standalone executable. The RAT is impacting users of a Brazilian...

Denial of Service Vulnerability in WPS Office 2016 Forms

WPS office is an office software suite independently developed by Kingsoft Corporation. A denial of service vulnerability exists in WPS Formset.exe in WPS when parsing a specific xls file. An attacker can exploit the vulnerability to cause a denial of service...

Threat Analysis: ROKRAT Malware

ROKRAT also referred to as DOGcall is a family of malware that has been used by attackers originating from North Korea. The family continues to evolve and adopt techniques from other families also used by the same attack group. The ROKRAT core payload is typically deployed by a loader, which has...

Carbon Black Denial of Service Vulnerability

Carbon Black is a suite of endpoint security solutions from US-based Carbon Black. The solution provides features such as threat monitoring, threat alerts and malicious domain lists. A security vulnerability exists in the cb.exe file in Carbon Black version 5.1.1.60603. An attacker could exploit...

CVE-2018-1411

IBM Notes Diagnostics IBM Client Application Access and IBM Notes could allow a local user to execute commands on the system. By crafting a command line sent via the shared memory IPC, which could be tricked into executing an executable chosen by the attacker. IBM X-Force ID: 138710...

CVE-2018-7217

In Bravo Tejari Procurement Portal, uploaded files are not properly validated by the application either on the client or the server side. An attacker can take advantage of this vulnerability and upload malicious executable files to compromise the application, as demonstrated by an...

CVE-2018-7217

In Bravo Tejari Procurement Portal, uploaded files are not properly validated by the application either on the client or the server side. An attacker can take advantage of this vulnerability and upload malicious executable files to compromise the application, as demonstrated by an...

Google Chrome Unspecified Security Vulnerability (Feb 2018) - Mac OS X

Google Chrome is prone to an unspecified remote security vulnerability. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Update to add SHA-2 code signing support for Windows Server 2008 SP2

Update to add SHA-2 code signing support for Windows Server 2008 SP2 Summary This update provides support for the Secure Hash Algorithm-2 SHA-2 code signing and verification functionality in the 64-bit version of Windows Server 2008 Service Pack 2 SP2 which includes the following: Support for...

SoftZone office demo prone to memory overflow vulnerability

SoftZone Office RZoffice is an office software, which is compatible with MS Office and consists of three parts: word processing, spreadsheet and presentation. A memory overflow vulnerability exists in RZoffice Presentations.exe when processing special ppt files. An attacker can exploit the...

SoftZone office demo prone to null pointer reference vulnerability (CNVD-2018-04281)

SoftZone Office RZoffice is an office software, which is compatible with MS Office and consists of three parts: word processing, spreadsheet and presentation. RZoffice Presentations.exe has a null pointer reference vulnerability when handling special ppt files. An attacker can exploit the...

EulerOS 2.0 SP2 : nautilus (EulerOS-SA-2018-1034)

According to the version of the nautilus packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An untrusted .desktop file with executable permission set could choose its displayed name and icon, and execute commands without warning when...

CVE-2016-8742

The Windows installer that the Apache CouchDB team provides was vulnerable to local privilege escalation. All files in the install inherit the file permissions of the parent directory and therefore a non-privileged user can substitute any executable for the nssm.exe service launcher, or CouchDB...

glibc - '$ORIGIN' Expansion Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/local/linux' require 'msf/core/exploit/exe' class MetasploitModule "glibc '$ORIGIN' Expansion Privilege Escalation", 'Description' = %q This...

glibc '$ORIGIN' Expansion Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/exploit/local/linux' require 'msf/core/exploit/exe' class MetasploitModule "glibc '$ORIGIN' Expansion Privilege Escalation", 'Description' = %q This...