VMSA-2016-0014 : VMware ESXi, Workstation, Fusion, & Tools updates address multiple security issues

a. VMware Workstation heap-based buffer overflow vulnerabilities via Cortado ThinPrint VMware Workstation contains vulnerabilities that may allow a windows -based virtual machine VM to trigger heap-based buffer overflows in the windows-based hypervisor running VMware workstation that the VM resid...

Zapya Desktop 1.803 - ZapyaService.exe Local Privilege Escalation

Zapya Desktop 1.803 - ZapyaService.exe Local Privilege Escalation Exploit Title: Zapya Desktop Version 'ZapyaService.exe' Privilege Escalation Date: 2016/9/12 Exploit Author: Arash Khazaei Vendor Homepage: http://www.izapya.com/ Software Link:...

Microsoft Windows10 AHCACHE.SYS Remote Denial Of Service

Summary A denial of service vulnerability exists in the AHCACHE.SYS driver. A specially crafted Portable Executable file can cause a bugcheck in the Windows kernel resulting in remote denial of service. Tested Versions Windows 10, AHCACHE.SYS version 10.0.10586.0 Tested on Windows 10 X86 Product...

Mozilla Thunderbird Security Advisories (MFSA2015-134, MFSA2015-149) - Mac OS X

Mozilla Thunderbird is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:mozilla:thunderbird";...

BlackHat issues resolved: Windows programs digital signature verification“vulnerability”-vulnerability warning-the black bar safety net

In this year's black hat conference, foreign a security researcher shows how by the Windows digital signature bypass for malicious code detection. Download the General Assembly of the presentation of the ppt probably looked at it, the report is divided into two parts, the first part shows the...

Avira Free Antivirus DLL Hijacking

Hi @ll, Avira's free antivirus full package executable installers, aviraantivirusen-us.exe, aviraantivirusde-de.exe etc., available from , etc., have multiple vulnerabilities: 1. the full package executable installers really: self- extracting RAR archives extract their payload the real installer...

FreeBSD : FreeBSD -- Multiple vulnerabilities in file(1) and libmagic(3) (70140f20-6007-11e6-a6c3-14dae9d210b8)

A specifically crafted Composite Document File CDF file can trigger an out-of-bounds read or an invalid pointer dereference. CVE-2012-1571 A flaw in regular expression in the awk script detector makes use of multiple wildcards with unlimited repetitions. CVE-2013-7345 A malicious input file could...

[SECURITY] Fedora 24 Update: flex-2.6.0-2.fc24

The flex program generates scanners. Scanners are programs which can recognize lexical patterns in text. Flex takes pairs of regular expressions and C code as input and generates a C source file as output. The output file is compiled and linked with a library to produce an executable. The...

DEBIAN-CVE-2014-9888

arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 2013 devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 a...

UBUNTU-CVE-2014-9888

arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 2013 devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 a...

Two Memory Corruption Vulnerabilities Exist in Antenna Defense

Anthem Defense is Anthem's antivirus program. Antenna Defense 7 Antivirus has two different memory corruption vulnerabilities when dealing with specific PE files, which allow attackers to exploit the vulnerabilities to construct malformed PE files that cause Antenna Defense 7 to crash due to memo...

Dynamic Network Analysis Tool: FakeNet-NG

Dynamic Network Analysis Tool FakeNet-NG is a next generation dynamic network analysis tool for malware analysts and penetration testers. It is open source and designed for the latest versions of Windows. FakeNet-NG is based on the excellent Fakenet tool developed by Andrew Honig and Michael...

Apache ActiveMQ Fileserver Multi Methods Directory Traversal (CVE-2016-3088)

A directory traversal vulnerability exists in Apache ActiveMQ. The vulnerability is due to insufficient input validation in the destination header when processing a MOVE request or in the file upload functionality when processing a PUT request. A remote, unauthenticated attacker may exploit this...

CVE-2016-5308

The Client Intrusion Detection System CIDS driver before 15.0.6 in Symantec Endpoint Protection SEP and before 15.1.2 in Norton Security allows remote attackers to cause a denial of service memory corruption and system crash via a malformed Portable Executable PE file...

InstantHMI 6.1 - Privilege Escalation

Exploit for windows platform in category local exploits Title: InstantHMI - EoP: User to ADMIN CWE Class: CWE-276: Incorrect Default Permissions Date: 01/06/2016 Vendor: Software Horizons Product: InstantHMI Version: 6.1 Download link: http://www.instanthmi.com/ihmisoftware.htm Tested on: Windows...

Symantec Norton Security IDSvix86 PE Remote System Denial of Service Vulnerability

SUMMARY A denial of service vulnerability exists in the Portable Executable file scanning functionality of Symantec Norton Security. A specially crafted PE file can cause an access violation in IDSvix86 kernel driver resulting in denial of service. An attacker can trigger this vulnerability for...

Python 3.5.2 DLL Hijacking

Aloha, python-3.5.2.exe loads and executes fwbase.dll from its "application directory". For software downloaded with a web browser the applicationdirectory is typically the user's "Downloads" directory: see , and for "prior art" about this well-known and well-documented vulnerability. If an...

The vulnerability of the Linter Bastion database management system allows a malicious individual to cause errors in the program’s operation or execute arbitrary code.

The design of the RPC server linstmgr.exe is based on the assumption that client applications will always send valid data and behave as expected. Sending invalid data may cause errors in the program’s operation or may execute arbitrary code...

The vulnerability of the Linter Bastion database management system allows a malicious individual to replace and execute the executable file.

If the database management system Linter Bastion was installed without the “loltp.exe” module being installed, a malicious individual can place any executable file named “loltp.exe” in a directory that will be scanned by the executable file loader. Then, using RPC calls with numbers 0x1A...

Peach Fuzz - Vulnerability Scanning Framework

This tool aims to look through files in a given directory to detect any unsafe, vulnerable, or dangerous function calls. It is designed to be extensible and easy to understand; you can "plug-and-play" modules that specify criteria on which types of files will trigger what 'scans,' in which you...