[SECURITY] Fedora 24 Update: icoutils-0.31.2-1.fc24

The icoutils are a set of programs for extracting and converting images in Microsoft Windows icon and cursor files. These files usually have the extension .ico or .cur, but they can also be embedded in executables or libraries...

Path traversal

Unquoted executable path vulnerability in Client Management and Gateway components in McAfee now Intel Security ePO Deep Command eDC 2.2 and 2.1 allows authenticated users to execute a command of their choice via dropping a malicious file for the path...

CVE-2016-8008

Privilege escalation vulnerability in Windows 7 and Windows 10 in McAfee Security Scan Plus SSP 3.11.376 allows attackers to load a replacement of the version.dll file via McAfee McUICnt.exe onto a Windows system...

CVE-2015-8988

CVE-2015-8988 concerns an unquoted executable path vulnerability in the McAfee/ePO Deep Command (eDC) Client Management and Gateway components. The affected versions are eDC 2.2 and 2.1. The issue allows an authenticated user to execute arbitrary commands by dropping a malicious file in the unquo...

Microsoft Windows Kernel Elevation of Privilege (MS17-017: CVE-2017-0050)

An elevation of privilege vulnerability exists in Microsoft Windows. The vulnerability is due to the way Windows kernel API enforces permissions. A remote attacker can exploit this vulnerability by enticing a user to run a specially crafted executable...

Introduction to Reverse Engineering Cocoa Applications

While not as common as Windows malware, there has been a steady stream of malware discovered over the years that runs on the OS X operating system, now rebranded as macOS. February saw three particularly interesting publications on the topic of macOS malware: a Trojan Cocoa application that sends...

CVE-2017-6009

A vulnerability was found in icoutils, in the wrestool program. An attacker could create a crafted executable that, when read by wrestool, could result in memory corruption leading to a crash or potential code execution...

CVE-2016-9693

IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download capability that is vulnerable to a set of attacks. Ultimately, an attacker can cause an unauthenticated victim to download a malicious payload. An existing file type restriction can be bypassed so that the payload might be...

Design/Logic Flaw

IBM Business Process Manager 7.5, 8.0, and 8.5 has a file download capability that is vulnerable to a set of attacks. Ultimately, an attacker can cause an unauthenticated victim to download a malicious payload. An existing file type restriction can be bypassed so that the payload might be...

WordPress Mobile App Native 3.0 Shell Upload Vulnerability

WordPress Mobile App Native plugin version 3.0 suffers from a remote shell upload vulnerability. Title: Remote file upload vulnerability in Wordpress Plugin Mobile App Native 3.0 Vulnerability Date: 2017-02-27 Download: https://wordpress.org/plugins/zen-mobile-app-native/ Vendor:...

Shellcode Builder: Shell Factory

Shellcode Builder: Shell Factory Shell Factory is a framework for compiling shellcodes from a C++ source for multiple systems and architectures. It is composed of multiple parts: a Rakefile for compiling and linking against different compilers and architectures. the factory, a set of C++ headers ...

Windows/x86 - Executable Directory Search Shellcode (130 bytes)

Title: Windows x86 - Executable directory search Shellcode 130 bytes Date: 26-02-2017 Author: Krzysztof Przybylski Platform: Winx86 Tested on: WinXP SP1 Shellcode Size: 130 bytes / Description: write & exec dir searcher starts from C:\ If dir found then write, execute ping 127.1.1.1 and exit If...

Windows x86 - Executable Directory Search Shellcode (130 bytes)

Windows x86 - Executable Directory Search Shellcode 130 bytes. Shellcode exploit for Winx86 platform Title: Windows x86 - Executable directory search Shellcode 130 bytes Date: 26-02-2017 Author: Krzysztof Przybylski Platform: Winx86 Tested on: WinXP SP1 Shellcode Size: 130 bytes / Description:...

Integer overflow

Integer overflow in the stringappends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow...

CVE-2016-2226

Integer overflow in the stringappends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow...

CVE-2016-2226

Integer overflow in the stringappends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow...

CVE-2016-2226

Integer overflow in the stringappends function in cplus-dem.c in libiberty allows remote attackers to execute arbitrary code via a crafted executable, which triggers a buffer overflow...

Microsoft Office Word Malicious Macro Execution

This module injects a malicious macro into a Microsoft Office Word document docx. The comments field in the metadata is injected with a Base64 encoded payload, which will be decoded by the macro and execute as a Windows executable. For a successful attack, the victim is required to manually enabl...

Cisco AsyncOS Software for Cisco ESA Filtering Bypass Vulnerability

A vulnerability in the Multipurpose Internet Mail Extensions MIME scanner of Cisco AsyncOS Software for Cisco Email Security Appliances ESA could allow an unauthenticated, remote attacker to bypass configured user filters on the device. The vulnerability is due to improper error handling of a...

CVE-2016-8354

An issue was discovered in Schneider Electric Unity PRO prior to V11.1. Unity projects can be compiled as x86 instructions and loaded onto the PLC Simulator delivered with Unity PRO. These x86 instructions are subsequently executed directly by the simulator. A specially crafted patched Unity...