New Bandook RAT Variant Resurfaces, Targeting Windows Machines

A new variant of remote access trojan called Bandook has been observed being propagated via phishing attacks with an aim to infiltrate Windows machines, underscoring the continuous evolution of the malware. Fortinet FortiGuard Labs, which identified the activity in October 2023, said the malware ...

Microsoft MSINFO32.EXE 6.1.7601 - .NFO XML External Entity Injection Vulnerability

Exploit for windows platform in category local exploits + Credits: John Page aka hyp3rlinx Vendor: ================= www.microsoft.com Product: ========================== Windows System Information MSINFO32.exe v6.1.7601 Windows MSINFO32.EXE Displays a comprehensive view of your hardware, system...

Microsoft MSINFO32.EXE 6.1.7601 - .NFO XML External Entity Injection

Microsoft MSINFO32.EXE 6.1.7601 - .NFO XML External Entity Injection + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-MSINFO32-XXE-FILE-EXFILTRATION.txt + ISR: ApparitionSec Vendor: =================...

Microsoft MSINFO32.EXE 6.1.7601 - '.NFO' XML External Entity Injection

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/MICROSOFT-MSINFO32-XXE-FILE-EXFILTRATION.txt + ISR: ApparitionSec Vendor: ================= www.microsoft.com Product: ========================== Windows System Information...

CVE-2004-1649

Technical details about CVE-2004-1649 are not publicly provided in the supplied documents; no affected products, versions, or fixes are disclosed here. Monitor for updates.

CVE-2004-1649

Buffer overflow in Microsoft Msinfo32.exe might allow local users to execute arbitrary code via a long filename in the msinfofile command line parameter. NOTE: this issue might not cross security boundaries, so it may be REJECTED in the future...