75 matches found
CVE-2024-44083
ida64.dll in Hex-Rays IDA Pro through 8.4 crashes when there is a section that has many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked. NOTE: in many use cases, this is an inconvenience but not a security issue...
CVE-2024-44083
CVE-2024-44083 affects Hex-Rays IDA Pro (IDA64.dll)
PT-2024-30940
Name of the Vulnerable Software and Affected Versions Hex-Rays IDA Pro versions 8.4 and earlier Description The issue occurs when there is a section with many jumps linked, and the final jump corresponds to the payload from where the actual entry point will be invoked, causing ida64.dll in Hex-Ra...
CVE-2022-32441
A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service DoS via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056...
CVE-2022-32441
A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service DoS via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056...
Memory corruption
A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service DoS via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056...
CVE-2022-32441
A memory corruption in Hex Rays Ida Pro v6.6 allows attackers to cause a Denial of Service DoS via a crafted file. Related to Data from Faulting Address controls subsequent Write Address starting at msvcrt!memcpy+0x0000000000000056...
CVE-2022-32441
The CVE-2022-32441 entry describes a memory corruption in Hex-Rays IDA Pro v6.6 that can cause a Denial of Service via a crafted file. The root cause is described as Data from Faulting Address controlling the subsequent Write Address starting at msvcrt!memcpy+0x56. The vulnerability affects IDA P...
Hex Rays Ida Pro 缓冲区错误漏洞
Hex Rays Ida Pro is a powerful disassembler and a versatile debugger from Hex Rays Belgium. It is commonly used for reverse engineering. A security vulnerability exists in Hex Rays Ida Pro version v6.6, which originates from a memory corruption. An attacker could exploit the vulnerability to caus...
efiXplorer - IDA Plugin For UEFI Firmware Analysis And Reverse Engineering Automation
efiXplorer - IDA plugin for UEFI firmware analysis and reverse engineering automation Supported versions of Hex-Rays products: everytime we focus on last versions of IDA and Decompiler because we try to use most recent features from new SDK releases. That means we tested only on recent versions o...
Reverse Engineering Tools: Evaluating the True Cost
When sourcing software for business needs, what criteria should you follow? Price typically tops the list. And sure, free software, like the Linux OS, delivers cost savings, stability, flexibility and ongoing development. No argument there. But when it comes to decompilers, which are used for...
FIDL: FLARE’s IDA Decompiler Library
IDA Pro and the Hex Rays decompiler are a core part of any toolkit for reverse engineering and vulnerability research. In a previous blog post we discussed how the Hex-Rays API can be used to solve small, well-defined problems commonly seen as part of malware analysis. Having access to a...
IDArling - Collaborative Reverse Engineering Plugin For IDA Pro & Hex-Rays
IDArling is a collaborative reverse engineering plugin for IDA Pro and Hex-Rays. It allows to synchronize in real-time the changes made to a database by multiple users, by connecting together different instances of IDA Pro. The main features of IDArling are: hooking general user events structure...
HexRaysCodeXplorer - Hex-Rays Decompiler Plugin For Better Code Navigation
The Hex-Rays Decompiler plugin for better code navigation in RE process. CodeXplorer automates code REconstruction of C++ applications or modern malware like Stuxnet, Flame, Equation, Animal Farm ... The CodeXplorer plugin is one of the first publicly available Hex-Rays Decompiler plugins. We kee...
IDA-minsc Wins Second Place in Hex-Rays Plugins Contest
Introduction Ali Rizvi-Santiago of Cisco Talos recently tied for second place in the IDA plugin contest with a plugin named "IDA-minsc." IDA is a multi-processor disassembler and debugger created by the company Hex-Rays and this year there were a total of four winners with nine submissions total...
Solving Ad-hoc Problems with Hex-Rays API
Introduction IDA Pro is the de facto standard when it comes to binary reverse engineering. Besides being a great disassembler and debugger, it is possible to extend it and include a powerful decompiler by purchasing an additional license from Hex-Rays. The ability to switch between disassembled a...
Solving Ad-hoc Problems with Hex-Rays API
Introduction IDA Pro is the de facto standard when it comes to binary reverse engineering. Besides being a great disassembler and debugger, it is possible to extend it and include a powerful decompiler by purchasing an additional license from Hex-Rays. The ability to switch between disassembled a...
FLARE IDA Pro Script Series: Simplifying Graphs in IDA
Introduction We’re proud to release a new plug-in for IDA Pro users – SimplifyGraph – to help automate creation of groups of nodes in the IDA’s disassembly graph view. Code and binaries are available from the FireEye GitHub repo. Prior to this release we submitted it in the 2017 Hex-Rays plugin...
Binary Analysis IDE: BinDiff
BinDiff is a comparison tool for binary files that helps to quickly find differences and similarities in disassembled code. It is used by security researchers and engineers across the globe to identify and isolate fixes for vulnerabilities in vendor-supplied patches and to analyze multiple versio...
Hex-Rays IDA Pro Buffer Overflow Vulnerability
Hex-Rays IDA Pro is a set of static decompiler software from Hex-Rays Belgium. A buffer overflow vulnerability exists in Hex-Rays IDA Pro versions prior to 6.6 cumulative fix 2014-12-24, no detailed vulnerability details are provided at this time...