Malicious code in weavedb-client (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 469844df44557b10f865edf7d3d000fd90c901c6a42cc5402116247dca1528f0 package.json declares "preinstall": "./scripts/postbuild". The referenced file is not a script but a 976,568-byte UPX-packed Linux x86-64 ELF binary...

Malicious code in polyutil (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 31a0fc68eee0841a78740fd3e3748171612b871b58bf9f3e52b4fa35bed64774 The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

Malicious code in polyclawd (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 1f994af0e1b17c0d30e950a5aef9a45d8e34f6f59ab45fadddb05b340ed5cdad The package is prepared to download a hardcoded executable and save it in %LOCALAPPDATA% under a very generic name, clearly aiming to hide its existence. Code ...

EUVD-2005-2919

Malware in sbrugna...

SUSE CVE-2005-2920

Buffer overflow in libclamav/upx.c in Clam AntiVirus ClamAV before 0.87 allows remote attackers to execute arbitrary code via a crafted UPX packed executable...

SUSE CVE-2005-2919

libclamav/fsg.c in Clam AntiVirus ClamAV before 0.87 allows remote attackers to cause a denial of service infinite loop via a crafted FSG packed executable...

SUSE CVE-2019-1789

ClamAV versions prior to 0.101.2 are susceptible to a denial of service DoS vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking...

Updated upx packages fix security vulnerability

The updated package fixes security vulnerabilities: An Integer overflow in the getElfSections function in pvmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service crash via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an...

CVE-2019-14295

CVE-2019-14295 affects UPX 3.95: an Integer overflow in getElfSections (p_vmlinx.cpp) can cause a DoS crash by allocating excessive memory when a crafted skewed offset exceeds the PE section size in a UPX-packed executable. Related CVE-2019-14296 canUnpack in the same file may cause SEGV/buffer o...

CVE-2019-14295

An Integer overflow in the getElfSections function in pvmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service crash via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an allocation of excessive memory...

CVE-2016-4535

Integer signedness error in the AV engine before DAT 8145, as used in McAfee LiveSafe 14.0, allows remote attackers to cause a denial of service memory corruption and crash via a crafted packed executable...

CVE-2016-4535

Integer signedness error in the AV engine before DAT 8145, as used in McAfee LiveSafe 14.0, allows remote attackers to cause a denial of service memory corruption and crash via a crafted packed executable...

Avast! - Out-of-Bounds Write Decrypting PEncrypt Packed executables

Source: https://code.google.com/p/google-security-research/issues/detail?id=554 The attached PEncrypt packed executable causes an OOB write on Avast Server Edition. gdb bt 0 0xf6f5e64a in EmulatePolyCodePOLYINFO, int from /proc/self/cwd/defs/15092301/engine.so 1 0xf6f7d334 in...

DEBIAN-CVE-2013-2020

Integer underflow in the cliscanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service crash via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read...

CVE-2013-2020

Integer underflow in the cliscanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service crash via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read...

Integer overflow

Integer underflow in the cliscanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service crash via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read...

CVE-2013-2020

Integer underflow in the cliscanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service crash via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read...

CVE-2013-2020

CVE-2013-2020 concerns ClamAV before 0.97.8 where an integer underflow in cli_scanpe (pe.c) can trigger an out-of-bounds read when parsing UPX-packed executables with a skewed offset, allowing a remote denial-of-service (crash). Public references in OpenVAS/SUSE advisories corroborate the issue a...

ClamAV < 0.97.8 Multiple Vulnerabilities

According to its version, the ClamAV clamd antivirus daemon on the remote host is earlier than 0.97.8 and is, therefore, potentially affected by the following vulnerabilities : - An overflow condition exists in the 'getsisstring' function in 'libclamav/sis.c' when handling SIS content. This flaw...

CVE-2013-2020

Integer underflow in the cliscanpe function in pe.c in ClamAV before 0.97.8 allows remote attackers to cause a denial of service crash via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an out-of-bounds read...