48 matches found
Microsoft Visual C++ Redistributable Installer 访问控制错误漏洞
Microsoft Visual C++ Redistributable Installer is an installer from Microsoft Corporation USA that is used to install the Microsoft C and C++ MSVC runtime libraries on a user's computer. An access control error vulnerability exists in Microsoft Visual C++ Redistributable Installer. An attacker...
Description of the security update for the Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package (for previously installed versions): July 28, 2009
Description of the security update for the Microsoft Visual C++ 2005 Service Pack 1 Redistributable Package for previously installed versions: July 28, 2009 INTRODUCTION Microsoft has released security bulletin MS09-035. To view the complete security bulletin, visit one of the following Microsoft...
The story of Adobe Reader symbols
Posted by Mateusz Jurczyk, Project Zero Modern day security analysis of client applications is often hindered by the inaccessibility of their source code and other aids such as debug symbols. As a result, it is necessary to perform completely black-box reverse engineering of the software, in orde...
BlobRunner - Quickly Debug Shellcode Extracted During Malware Analysis
BlobRunner is a simple tool to quickly debug shellcode extracted during malware analysis. BlobRunner allocates memory for the target file and jumps to the base or offset of the allocated memory. This allows an analyst to quickly debug into extracted artifacts with minimal overhead and effort. To...
Microsoft Visual C redistributable fails to install during VDA installation
While installing VDA in a platform layer. The VDA has MS VC redistributable pre-reqs and the pre-reqs were failing to install...
Inject Custom Code Into PE File: InfectPE
Inject Custom Code Into PE File Using this tool you can inject x-code/shellcode into PE file. InjectPE works only with 32-bit executable files. Why you need InjectPE? You can test your security products. Use in a phishing campaign. Learn how PE injection works. …and so on. In the project, there i...
vSphere 6.5 backup/replication jobs hang
Challenge vSphere 6.5 backup/replication jobs may hang forever if you're using Windows Server 2008 R2 or Windows 7 backup proxies. Agent…Source.log files contain lines similar to the following: 16.01.2017 16:16:08 vdl| Loading VDDK library. Version: 6.5, directory: 'C:\Program Files...
Radium-Keylogger - Python keylogger with multiple features
Python keylogger with multiple features. Features Applications and keystrokes logging Screenshot logging Drive tree structure Logs sending by email Password Recovery for Chrome Mozilla Filezilla Core FTP CyberDuck FTPNavigator WinSCP Outlook Putty Skype Generic Network Cookie stealer Keylogger st...
Wireshark 2.0.0 2.0.4 - CORBA IDL Dissectors Denial of Service
Wireshark 2.0.0 2.0.4 - CORBA IDL Dissectors Denial of Service GIOP capture Build Information: Version 2.0.3 v2.0.3-0-geed34f0 from master-2.0 Copyright 1998-2016 Gerald Combs and contributors. License GPLv2+: GNU GPL version 2 or later This is free software; see the source for copying conditions...
APPLE-SA-2015-09-16-3 iTunes 12.3
APPLE-SA-2015-09-16-3 iTunes 12.3 iTunes 12.3 is now available and addresses the following: iTunes Available for: Windows 7 and later Impact: Applications that use CoreText may be vulnerable to unexpected application termination or arbitrary code execution Description: Multiple memory corruption...
Failed to load jet library
Challenge The following error occurs when attempting to perform a restore using Veeam Explorer for Exchange: "Failed to load jet library from C:\ProgramData\Veeam\Backup\ExchangeExplorer\ESE\V15\ese.dll" Solution To solve, upgrade to Internet Explorer 10+ as it contains the necessary Windows file...
Vulnerable Microsoft VC++ 2005 RTM runtime libraries installed with "Microsoft Security Essentials" (and numerous other Microsoft products)
Hi @ll, this is part 2 of "Defense in depth -- the Microsoft way", see http://seclists.org/fulldisclosure/2013/May/107 On Windows NT 5.x the current "Microsoft Security Essentials" v4.2 available from http://www.microsoft.com/securityessentials, and offered as optional update KB2804527 via...
Error “Please install Microsoft Visual C++ 2010 SP1 Redistributable Package and try again.” when attempting to install Veeam Backup & Replication Cloud Edition
Error “Please install Microsoft Visual C++ 2010 SP1 Redistributable Package and try again.” when attempting to install Veeam Backup & Replication Cloud Edition...
MS12-001: Vulnerability in Windows Kernel Could Allow Security Feature Bypass (2644615)
The remote Windows host has a bypass vulnerability in the SafeSEH security feature. This could allow an attacker to use other vulnerabilities to bypass the SafeSEH security feature and run arbitrary code on the remote host. Only software applications compiled using Microsoft Visual C++ .NET 2003...
DoS Condition with Altigen VoIP Phone Systems
If you run a NMAP network scan against the IP of the phone server, it will crash the Altigen's Gateway service, rendering the system useless until rebooted. All information saved in the phone system at the time is lost. Port 5061 crashes due to HEAP Overflow. Following message: Application popup:...
[security bulletin] HPSBMA02488 SSRT100013 rev.1 - HP ProLiant Support Pack 8.30 for Windows, Remote Code Execution, Information Disclosure
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01997644 Version: 1 HPSBMA02488 SSRT100013 rev.1 - HP ProLiant Support Pack 8.30 for Windows, Remote Code Execution, Information Disclosure NOTICE: The information in this Security Bulletin shoul...
Mozilla Firefox PKCS11 Module Installation Code Execution
Added: 09/24/2009 CVE: CVE-2009-3076 BID: 36343 OSVDB: 57977 Background Mozilla is a suite of Internet client products available for multiple platforms. Problem The warning dialog displayed when adding or removing security modules via pkcs11.addmodule or pkcs11.deletemodule can be customized by a...
Microsoft Visual Studio ATL COM对象远程代码执行漏洞
Bugraq ID: 35828 CVE ID:CVE-2009-2493 Microsoft Visual Studio是一款微软公司的开发工具套件系列产品。 Microsoft活动模版库ATL处理数据流对象实例化时ATL头存在错误,远程攻击者可以利用漏洞绕过IE等Kill-bits安全策略,并导致任意代码执行。 此漏洞只影响安装了使用Visual Studio ATL的组件和控件的系统。如果组件或控件使用ATL,不安全使用OleLoadFromStream允许任意对象实例化,可绕过相关的安全策略,如 Internet Explorer的Kill...
Microsoft Visual Studio ATL 'VariantClear()'远程代码执行漏洞
Bugraq ID: 35832 CVE ID:CVE-2009-0901 CNCVE ID:CNCVE-20090901 Microsoft Visual Studio是一款微软公司的开发工具套件系列产品。 Microsoft活动模版库ATL处理ATL头字段存在问题,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 ATL头字段存在的一个错误允许攻击者对未正确初始化的VARIANT进行VariantClear调用,基于此攻击者可以提供破坏的流触发错误处理过程中来调用VariantClear而控制整个流程。此漏洞只影响安装了使用Visual Studio...
Description of the security update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package: July 28, 2009
Describes a security update for Microsoft Visual C++ 2008 Service Pack 1 Redistributable Package that is dated July 28, 2009.INTRODUCTIONMicrosoft has released security bulletin MS09-035. To view the complete security bulletin, visit one of the following Microsoft Web sites:Home...