27 matches found
EUVD-2007-4184
Malware in sbrugna...
CISA, US, and International Partners Release Joint Guidance to Assist Software Manufacturers with Safe Software Deployment Processes
Today, CISA—along with U.S. and international partners—released joint guidance, Safe Software Deployment: How Software Manufacturers Can Ensure Reliability for Customers. This guide aids software manufacturers in establishing secure software deployment processes to help ensure software is reliabl...
Multiple Vulnerabilities in Guidance Software EnCase
A denial of service and heap buffer overflow vulnerability in Guidance Software EnCase 7.0 and earlier can be exploited by an attacker to execute arbitrary code within the user context of an affected application. A failed exploit attempt may result in a denial of service condition...
Guidance EnCase fails to detect more than 25 partitions
Overview Guidance Software's EnCase Forensic can only detect the first 25 partitions on a volume. Description Guidance Software's EnCase Forensic is a tool that allows an investigator to acquire and analyze a disk image. EnCase names partitions either c: through z:, with an additional partition...
CVE-2007-4202
Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image...
CVE-2007-4201
Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume with more than 25 partitions, which might allow remote attackers to prevent examination of certain data, a related issue to CVE-2007-4035...
Design/Logic Flaw
Guidance Software EnCase 6.2 and 6.5 does not properly handle a volume with more than 25 partitions, which might allow remote attackers to prevent examination of certain data, a related issue to CVE-2007-4035...
Design/Logic Flaw
Guidance Software EnCase Enterprise Edition (EEE) 6 does not properly verify the identity of the acquisition target during communication with the EnCase Servlet (EEE servlet), which might allow remote attackers to spoof the disk image...
CVE-2007-4194
Guidance Software EnCase 5.0 allows user-assisted remote attackers to cause a denial of service (stack memory consumption) and possibly have other unspecified impact via a malformed file, related to "EnCase's file system parsing." NOTE: this information is based upon a vague pre-advisory. It might...
CVE-2007-4194
CVE-2007-4194 concerns Guidance Software EnCase 5.0 and describes user‑assisted remote denial of service via a malformed file, related to EnCase’s file system parsing. The core weakness centers on how EnCase parses certain inputs, potentially causing stack memory consumption and unspecified impac...
CVE-2007-4201
CVE-2007-4201 concerns Guidance Software’s EnCase (versions 6.2/6.5). The issue: EnCase may fail to properly handle a volume with more than 25 partitions, making hidden or extra partitions potentially inaccessible for examination. The root cause is a limitation in partition visibility that preven...
CVE-2007-4202
Affected software: Guidance Software EnCase Enterprise Edition (EEE) 6. The vulnerability arises from weak identity verification between the EnCase SAFE server, the EnCase Servlet on target machines, and the target image request. The EnCase SAFE uses IP authentication to verify the servlet, enabl...
CVE-2007-4037
Guidance Software EnCase allows user-assisted attackers to trigger a buffer over-read and application crash via a malformed NTFS filesystem containing a modified FILE record with a certain large offset. NOTE: the vendor disputes the significance of this issue, asserting that relevant attackers...
CVE-2007-4036
Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; (2) a corrupted NTFS filesystem, which causes the application to report "memory allocation...
Design/Logic Flaw
Guidance Software EnCase allows user-assisted remote attackers to cause a denial of service via (1) a corrupted Microsoft Exchange database, which triggers an application crash when many options are selected; (2) a corrupted NTFS filesystem, which causes the application to report "memory allocation...
Design/Logic Flaw
Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain...
CVE-2007-4035
Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain...