75 matches found
Design/Logic Flaw
Unspecified vulnerability in the Mach-O input file loader in Hex-Rays IDA Pro 5.7 and 6.0 allows user-assisted remote attackers to cause a denial of service out-of-memory exception and inability to analyze code via a crafted Mach-O file...
Design/Logic Flaw
Unspecified vulnerability in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to "converson of string encodings" and "inconsistencies in the handling of UTF8 sequences by the user interface."...
CVE-2011-1049
Buffer overflow in the Mach-O input file loader in Hex-Rays IDA Pro 5.7 and 6.0 allows user-assisted remote attackers to cause a denial of service crash and possibly execute arbitrary code via a crafted Macho-O file...
CVE-2011-1051
Integer overflow in the COFF/EPOC/EXPLOAD input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to memory allocation...
CVE-2011-1053
Unspecified vulnerability in the Mach-O input file loader in Hex-Rays IDA Pro 5.7 and 6.0 allows user-assisted remote attackers to cause a denial of service out-of-memory exception and inability to analyze code via a crafted Mach-O file...
CVE-2011-1054
Unspecified vulnerability in the PEF input file loader in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors...
CVE-2011-1050
Unspecified vulnerability in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to "converson of string encodings" and "inconsistencies in the handling of UTF8 sequences by the user interface."...
CVE-2011-1052
Integer overflow in the PSX/GEOS input file loaders in Hex-Rays IDA Pro 5.7 and 6.0 has unknown impact and attack vectors related to memory allocation...
CVE-2011-1054
Hex-Rays IDA Pro CVE-2011-1054 affects the PEF input file loader in IDA Pro versions 5.7 and 6.0. The connected OpenVAS entries describe Hex-Rays IDA Pro multiple vulnerabilities, but do not provide concrete exploit vectors or root-cause details for this CVE. The impact in the CVE entry is stated...
CVE-2011-1051
Hex-Rays IDA Pro versions 5.7 and 6.0 are affected by CVE-2011-1051 due to an integer overflow in the COFF/EPOC/EXPLOAD input file loaders. The NVD entry notes unknown impact, while OpenVAS and other feeds corroborate multiple vulnerabilities in IDA Pro. Remediation in practice is to update to a ...
CVE-2011-1049
CVE-2011-1049 affects Hex-Rays IDA Pro versions 5.7 and 6.0, where the Mach-O input file loader contains a buffer overflow in its Mach-O parsing. The vulnerability can be triggered by a crafted Mach-O file and may allow user-assisted remote attackers to cause a crash (DoS) and potentially execute...
CVE-2011-1053
Hex-Rays IDA Pro is affected by a vulnerability in the Mach-O input file loader (IDA Pro versions 5.7 and 6.0) that allows user‑assisted remote attackers to trigger a denial of service (out‑of‑memory and inability to analyze code) by using a crafted Mach‑O file. The OpenVAS/OpenVAS‑style entry an...
CVE-2011-1050
Hex-Rays IDA Pro versions 5.7 and 6.0 are affected by CVE-2011-1050. The description notes an unspecified vulnerability with unknown impact and attack vectors related to the conversion of string encodings and inconsistencies in the handling of UTF-8 sequences in the user interface. OpenVAS and re...
KLA10216 Multiple vulnerabilities in IDA Pro
Multiple critical vulnerabilities have been found in IDA Pro. Malicious users can exploit these vulnerabilities to cause denial of service, execute arbitrary code or conduct other unknown attacks. Below is a complete list of vulnerabilities 1. Unspecified vulnerabilities can be exploited from...
IDA Pro QNX文件加载器拒绝服务漏洞
IDA Pro是非常流行的静态反编译软件。 IDA Pro使用了不同的文件加载器来反汇编不同格式的文件,其中QNX文件加载器中的漏洞可能触发死循环,导致耗尽100%的CPU资源,无法继续进行反汇编。 以下for循环用于对输入文件中的每个lmfdata结构都进行一次迭代,根据sizeoflmfdata + lmfdata.offset向前移动文件指针。但如果lmfdata.offset == -sizeoflmfdata,由于没有增加,因此代码会陷入死循环: From \ldr\qnx\qnx.cpp50: foruint32 at =...