93 matches found
CVE-2026-40026
CVE-2026-40026 affects The Sleuth Kit up to version 4.14.0. The ISO9660 SUSP extension parser’s parse_susp() trusts length fields (len_id, len_des, len_src) from the disk image and copies data into a stack buffer without validating source bounds, enabling reads past the SUSP data buffer and poten...
EUVD-2017-9332
Malware in sbrugna...
EUVD-2019-4741
Malware in sbrugna...
EUVD-2010-5214
Malware in sbrugna...
EUVD-2008-4207
Malware in sbrugna...
EUVD-2017-11964
Malware in sbrugna...
EUVD-2017-9331
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2019-14531
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in The Sleuth Kit TSK 4.6.6. There is an out of bounds read on iso9660 while parsing System Use Sharing Protocol data in fs/iso9660.c...
USN-6855-1: libcdio vulnerability
Mansour Gashasbi discovered that libcdio incorrectly handled certain memory operations when parsing an ISO file, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code...
K24036027: libarchive vulnerability CVE-2016-5844
Security Advisory Description: Integer overflow in the ISO parser in libarchive before 3.2.1 allows remote attackers to cause a denial of service (application crash) via a crafted ISO file. CVE-2016-5844. Impact: For BIG-IP and VIPRION platforms that are configured to use Virtual Clustered...
K13074505: libarchive vulnerability CVE-2016-8687
Security Advisory Description: Stack-based buffer overflow in the safe_fprintf function in tar/util.c in libarchive 3.2.1 allows remote attackers to cause a denial of service via a crafted non-printable multibyte character in a filename. CVE-2016-8687. Impact: For BIG-IP and VIPRION platforms that ar...
SUSE CVE-2017-18198
print_iso9660_recurse in iso-info.c in GNU libcdio before 1.0.0 allows remote attackers to cause a denial of service (heap-based buffer over-read) or possibly have unspecified other impact via a crafted iso file...
Southeast Asian APT Group Saaiwc Targets Military and Financial Departments with PowerDism Backdoor
Threat Level Actor Report. Summary: Saaiwc Group APT-LY-1005 is a newly identified APT group that is thought to operate in Southeast Asia. The group's main tactic is to use an ISO file as a malicious payload, which when executed, injects a...
BumbleBee leverages Zerologon to get Domain Controller Access
Threat Level Attack Report. Summary: Since May 2022, threat actors are leveraging BumbleBee as an initial vector from a Contact Forms campaign. The intrusion started with the delivery of an ISO file that contained an LNK and a DLL. Using...
SideWinder APT Using New WarHawk Backdoor to Target Entities in Pakistan
SideWinder, a prolific nation-state actor mainly known for targeting Pakistan military entities, compromised the official website of the National Electric Power Regulatory Authority NEPRA to deliver a tailored malware called WarHawk. "The newly discovered WarHawk backdoor contains various malicio...
Microsoft Warns of Large-Scale Click Fraud Campaign Targeting Gamers
Microsoft said it's tracking an ongoing large-scale click fraud campaign targeting gamers by means of stealthily deployed browser extensions on compromised systems. "The attackers monetize clicks generated by a browser node-webkit or malicious browser extension secretly installed on devices,"...
NULL Pointer Dereference
Description NULL Pointer Dereference in MP4BOX Command MP4Box -info POC6 POC6 is here. ASAN result iso file Unknown box type url@ in parent dref iso file Unknown box type traj in parent moov iso file Unknown box type 80rak in parent moov iso file Incomplete box mdat - start 11495 size 901165 iso...
Hackers Using New Evasive Technique to Deliver AsyncRAT Malware
A new, sophisticated phishing attack has been observed delivering the AsyncRAT trojan as part of a malware campaign that's believed to have commenced in September 2021. "Through a simple email phishing tactic with an HTML attachment, threat attackers are delivering AsyncRAT a remote access trojan...
Denial Of Service (DoS)
FuseISO is vulnerable to denial of service. An attacker is able to cause a denial of service (application crash) or possibly execute arbitrary code via a long pathname in an ISO file...
Integer Overflow
FuseISO is vulnerable to integer overflow. The vulnerability might allow remote attackers to cause a denial of service via a large ZF block size in an ISO file, leading to a heap-based buffer overflow...