2 matches found
CVE-2017-20201 CCleaner v5.33.6162 & CCleaner Cloud v1.07.3191 Malicious Backdoor Supply Chain Compromise
CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 32-bit builds contained a malicious pre-entry-point loader that diverts execution from scrtcommonmainseh into a custom loader. That loader decodes an embedded blob into shellcode, allocates executable heap memory, resolves Windows API functions at...
QEMU: loader: OOB access while loading registered ROM may lead to code execution
An out-of-bound write access flaw was found in the way QEMU loads ROM contents at boot time. This flaw occurs in the romcopy routine while loading the contents of a 32-bit -kernel image into memory. Running an untrusted -kernel image may load contents at arbitrary memory locations, potentially...