925 matches found

Positive Technologies
added 2019/07/27 12:0 a.m. · 2 views

PT-2019-13593 · Upx Team +2 · Upx +2

Name of the Vulnerable Software and Affected Versions: UPX version 3.95 Description: The issue allows remote attackers to cause a denial of service, which may result in a SEGV or buffer overflow, and application crash, via a crafted UPX packed file. The canUnpack function in p_vmlinx.cpp is...

CVSS 7.8 · AI score 6.9 · EPSS 0.02495
Exploits 20 · References 87

OSV
added 2019/07/19 4:15 p.m. · 9 views

CVE-2019-1010100

Akeo Consulting Rufus 3.0 and earlier is affected by: DLL search order hijacking. The impact is: Arbitrary code execution WITH escalation of privilege. The component is: Executable installers, portable executables ALL executables on the web site. The attack vector is: CAPEC-471, CWE-426, CWE-427...

CVSS 7.8 · AI score 7.7
Exploits 0 · References 1

NVD
added 2019/07/19 4:15 p.m. · 16 views

CVE-2019-1010100

Akeo Consulting Rufus 3.0 and earlier is affected by: DLL search order hijacking. The impact is: Arbitrary code execution WITH escalation of privilege. The component is: Executable installers, portable executables ALL executables on the web site. The attack vector is: CAPEC-471, CWE-426, CWE-427...

CVSS 7.8 · AI score 8.1 · EPSS 0.01331
Exploits 0 · References 1

Prion
added 2019/07/19 4:15 p.m. · 12 views

Privilege escalation

Akeo Consulting Rufus 3.0 and earlier is affected by: DLL search order hijacking. The impact is: Arbitrary code execution WITH escalation of privilege. The component is: Executable installers, portable executables ALL executables on the web site. The attack vector is: CAPEC-471, CWE-426, CWE-427...

CVSS 6.8 · AI score 8.1 · EPSS 0.01331
Exploits 0 · References 1 · Affected Software 1

Cvelist
added 2019/07/19 3:37 p.m. · 20 views

CVE-2019-1010100

Akeo Consulting Rufus 3.0 and earlier is affected by: DLL search order hijacking. The impact is: Arbitrary code execution WITH escalation of privilege. The component is: Executable installers, portable executables ALL executables on the web site. The attack vector is: CAPEC-471, CWE-426, CWE-427...

AI score 8.1 · EPSS 0.01331
Exploits 0 · References 1

Tenable Nessus
added 2019/07/16 12:0 a.m. · 23 views

Solaris 10 (x86) : 153061-01

Vulnerability in the Oracle Solaris product of Oracle Sun Systems Products Suite component: Common Desktop Environment. The supported version that is affected is 10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Solaris executes to...

CVSS 8.8 · AI score 8.2 · EPSS 0.00409
Exploits 0 · References 2

OSV
added 2019/07/15 4:15 a.m. · 1 views

DEBIAN-CVE-2019-1010023

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstrea...

CVSS 8.8 · AI score 9.6 · EPSS 0.03069
Exploits 1 · References 1

OSV
added 2019/07/05 2:15 p.m. · 1 views

CVE-2019-5981

Improper authorization vulnerability in VAIO Update 7.3.0.03150 and earlier allows an attackers to execute arbitrary executable file with administrative privilege via unspecified vectors...

CVSS 7.8 · AI score 6 · EPSS 0.00944
Exploits 0 · References 2

BDU FSTEC
added 2019/07/04 12:0 a.m. · 7 views

The vulnerability in the XNU kernel of iOS, Mac OS, and TV OS allows attackers to perform unauthorized changes to the memory shared among processes.

The vulnerability of the XNU-based operating systems such as iOS, Mac OS, and TV OS is related to errors in the memory initialization mechanism. Exploiting this vulnerability allows an attacker to perform unauthorized changes to the memory shared among processes, using specially crafted executabl...

CVSS 5.5 · AI score 5.5 · EPSS 0.0342
Exploits 2 · References 8 · Affected Software 3

RedhatCVE
added 2019/06/20 12:24 p.m. · 27 views

CVE-2019-10167

The virConnectGetDomainCapabilities libvirt API accepts an "emulatorbin" argument to specify the program providing emulation for a domain. Since v1.2.19, libvirt will execute that program to probe the domain's capabilities. Read-only clients could specify an arbitrary path for this argument,...

CVSS 8.8 · AI score 3.8 · EPSS 0.00521
Exploits 0 · References 3

OSV
added 2019/05/30 5:29 p.m. · 2 views

CVE-2018-4048

An exploitable local privilege elevation vulnerability exists in the file system permissions of the Temp directory in GOG Galaxy 1.2.48.36 Windows 64-bit Installer. An attacker can overwrite executables of the Desktop Galaxy Updater to exploit this vulnerability and execute arbitrary code with...

CVSS 7.8 · AI score 6 · EPSS 0.00598
Exploits 1 · References 1

OSV
added 2019/05/23 3:29 p.m. · 2 views

DEBIAN-CVE-2017-15652

Artifex Ghostscript 9.22 is affected by: Obtain Information. The impact is: obtain sensitive information. The component is: affected source code file, affected function, affected executable, affected libga imagemagick used that. The attack vector is: Someone must open a postscript file though...

CVSS 5.5 · AI score 7 · EPSS 0.01297
Exploits 1 · References 1

Vulnrichment
added 2019/05/02 9:7 p.m. · 6 views

CVE-2019-11687

An issue was discovered in the DICOM Part 10 File Format in the NEMA DICOM Standard 1995 through 2019b and continuing in current implementations. The 128-byte preamble of a DICOM file that complies with this specification can contain arbitrary executable headers for multiple operating systems,...

AI score 7.5 · EPSS 0.02751
Exploits 2 · References 5

Veracode
added 2019/05/02 6:37 a.m. · 26 views

Access Controls Bypass

Mozilla Thunderbird is vulnerable to access controls bypass. File downloads encoded with blob: and data: URL elements bypassed normal file download checks though the Phishing and Malware Protection feature and its block lists of suspicious sites and files. Malicious sites could lure users into...

CVSS 7.8 · AI score 8.4 · EPSS 0.01232
Exploits 0 · References 14 · Affected Software 2

Prion
added 2019/04/18 8:29 p.m. · 10 views

Remote code execution

Dell SupportAssist Client versions prior to 3.2.0.90 contain a remote code execution vulnerability. An unauthenticated attacker, sharing the network access layer with the vulnerable system, can compromise the vulnerable system by tricking a victim user into downloading and executing arbitrary...

CVSS 7.9 · AI score 8.2 · EPSS 0.17617
Exploits 0 · References 1 · Affected Software 1

OSV
added 2019/04/02 4:29 p.m. · 2 views

CVE-2018-4049

An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's “Games” directory, version 1.2.48.36 Windows 64-bit Installer. An attacker can overwrite executables of installed games to exploit this vulnerability and execute arbitrary code with elevat...

CVSS 7.8 · AI score 6 · EPSS 0.00319
Exploits 0 · References 1

OpenVAS
added 2019/03/18 12:0 a.m. · 10 views

Linux: SGID files

When the SGID set group ID bit is set on an executable, it executes with the GID of the owner. This may be intended for some executables. Add files with SGID bit which should be allowed to have this bit set in the preference. This script checks if any other local files than the given have the SGI...

AI score 7
Exploits 0 · References 4

OpenVAS
added 2019/03/18 12:0 a.m. · 8 views

Linux: SUID files

When the SUID set user ID bit is set on an executable, it executes with the UID of the owner. This may be intended for some executables. Add files with SUID bit which should be allowed to have this bit set in the preference. This script checks if any other local files than the given have the SUID...

AI score 7
Exploits 0 · References 4

FireEye
added 2019/03/15 4:0 p.m. · 13 views

Dissecting a NETWIRE Phishing Campaign's Usage of Process Hollowing

Introduction Malware authors attempt to evade detection by executing their payload without having to write the executable file on the disk. One of the most commonly seen techniques of this "fileless" execution is code injection. Rather than executing the malware directly, attackers inject the...

AI score 0.2
Exploits 0 · References 2

ThreatPost
added 2019/02/20 8:48 p.m. · 67 views

Separ Malware Plucks Hundreds of Companies' Credentials in Ongoing Phish

An ongoing phishing campaign is using malicious PDF documents to spread Separ malware and ultimately steal victims’ browser and email credentials. Since the attack started at the end of January, it has affected around 200 companies and over 1,000 individuals, located mainly in Southeast Asia, the...

AI score 1.2
Exploits 0 · References 4