Antenna Defense Memory Corruption Vulnerability

Anthem Defense is Anthem's antivirus program. Antenna Defense 7 Antivirus has a memory corruption vulnerability when dealing with PE files, which allows attackers to exploit the vulnerability to construct malformed PE files that can cause Antenna Defense 7 to crash due to memory corruption while...

Memory Corruption Vulnerability in Dr. An Antivirus

Dr. An antivirus is a security product. Dr. An Antivirus has a memory corruption vulnerability when dealing with PE files, which allows attackers to exploit the vulnerability to construct malformed PE files, allowing Dr. An to terminate the scan due to memory corruption during scanning or cause a...

Apache Camel: source code security analysis report

Several vulnerabilities were discovered in The Apache Software Foundation 'Apache Camel' software: Using Synchronization Primitives in EJB components Missing Verification of Executable Files' Digital Signature when Executing them from Untrusted Sources Violating the Java Object Model Using...

Mozilla Firefox / Thunderbird DLL Hijacking

Hi @ll despite better knowledge and MULTIPLE bug/vulnerability reports see , , , ... Mozilla continues to ship Firefox and Thunderbird for Windows with a vulnerable executable installer. Proof of concept/demonstration: 1. visit , download and save it as ShimEng.dll in your "Downloads" folder, the...

New Downloader for Locky

Through DTI Intelligence analysis, We have been observing Locky malware rise to fame recently. Locky is ransomware that is aggressively distributed via downloaders attached in spam emails, and it may have surpassed the Dridex banking trojan in popularity. In previous campaigns, the ransomware was...

HP Data Protector 6.10 / 6.11 / 6.20 Install Service

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'HP Data Protector 6.10/6.11/6.20 Install Service', 'Description' = %q This module exploits HP Data Protector Omniinet process o...

ROPInjector - Convert any Shellcode in ROP and patch it into a given Portable Executable (PE)

A tool written in C Win32 to convert any shellcode in ROP and patch it into a given portable executable PE. It supports only 32-bit target PEs and the x86 instruction set. Published in Blackhat USA 2015, "ROPInjector: Using Return Oriented Programming for Polymorphism and Antivirus Evasion" More...

Linux/x86_64 - Read /etc/passwd - 65 bytes

Linux/x8664 - Read /etc/passwd - 65 bytes. Shellcode exploit for linx86-64 platform / --------------------------------------------------------------------------------------------------- Linux/x8664 - Read /etc/passwd - 65 bytes Ajith Kp @ajithkp560 http://www.terminalcoders.blogspot.com Om Asato...

Avast Memory Corruption Vulnerability

Avast is a suite of antivirus software from the Czech company Avast Avast. A security vulnerability exists in Avast that can be exploited by remote attackers to cause a denial of service memory corruption or execute arbitrary code with the help of a specially crafted PE file...

WordPress ACF Frontend Display Plugin Arbitrary File Upload

An Arbitrary File Upload vulnerability exists in WordPress Advanced custom Fields ACF Frontend Display Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Panda Security URL Filtering < 4.3.1.9 - Local Privilege Escalation

CVE: CVE-2015-7378 Vendor: Panda Security Reported by: Kyriakos Economou Date of Release: 05/04/2016 Affected Products: Multiple Affected Version: Panda Security URL Filtering v4.3.1.9 Fixed Version: Panda Security URL Filtering v4.3.1.9 Description: All Panda Security 2016 Home User products for...

Autodesk Backburner Stack Buffer Overflow Vulnerability

Backburner is network rendering management software. A stack buffer overflow vulnerability exists in Backburner Manager's manager.exe in Backburner 2016 2016.0.0.2150 and earlier versions. A remote attack can exploit this vulnerability by constructing commands that execute arbitrary code or cause...

CVE-2016-0226

The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the 1 nsrd, 2 nsrexecd, and 3 portmap executable files, which allows local users to gain privileges via a Trojan horse file...

CVE-2016-0226

The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the 1 nsrd, 2 nsrexecd, and 3 portmap executable files, which allows local users to gain privileges via a Trojan horse file...

Design/Logic Flaw

The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the 1 nsrd, 2 nsrexecd, and 3 portmap executable files, which allows local users to gain privileges via a Trojan horse file...

CVE-2016-0226

The client implementation in IBM Informix Dynamic Server 11.70.xCn on Windows does not properly restrict access to the 1 nsrd, 2 nsrexecd, and 3 portmap executable files, which allows local users to gain privileges via a Trojan horse file...

Comodo - PackMan Unpacker Insufficient Parameter Validation

Exploit for windows platform in category dos / poc Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=764 Packman is an obscure opensource executable packer that Comodo Antivirus attempts to unpack during scanning. The code is available online here:...

Comodo - PackMan Unpacker Insufficient Parameter Validation

Comodo - PackMan Unpacker Insufficient Parameter Validation Source: https://bugs.chromium.org/p/project-zero/issues/detail?id=764 Packman is an obscure opensource executable packer that Comodo Antivirus attempts to unpack during scanning. The code is available online here:...

AppLocker - Execution Prevention Bypass (Metasploit)

Exploit for windows platform in category local exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class Metasploit4 'AppLocker Execution Prevention Bypass', 'Description' = %q This module will generate a .NET...

Analyzing Linux Malware Sandbox: Limon

Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect the Linux malware before execution, during execution, and after execution post-mortem analysis by...