EUVD-2014-8338

Malware in sbrugna...

SUSE CVE-2014-2270

softmagic.c in file before 5.17 and libmagic allows context-dependent attackers to cause a denial of service out-of-bounds memory access and crash via crafted offsets in the softmagic of a PE executable...

ShellcodeTemplate - An Easily Modifiable Shellcode Template For Windows X64/X86

An easily modifiable shellcode template for Windows x64/x86 How does it work? This template is heavily based on Austin Hudson's aka SecIdiot TitanLdr It compiles the project into a PE Executable and extracts the .text section Example The entrypoint of the shellcode looks like this. Of course, thi...

Arbitrary Code Execution

binutils is vulnerable to arbitrary code execution. The bfdXXiswapaouthdrin function in bfd/peXXigen.c allows remote attackers to cause a denial of service out-of-bounds write via a malicious NumberOfRvaAndSizes field in the AOUT header in a PE executable...

Denial Of Service (DoS) Through Out-of-Bounds Access

libmagic.so is vulnerable to denial of service DoS attacks. The library does properly check offsets of a PE Executable file, leading to an out-of-bounds access that can crash the application...

FreeBSD : GNU binutils -- multiple vulnerabilities (f6a014cd-d268-11e4-8339-001e679db764)

US-CERT/NIST reports : The bfdXXiswapaouthdrin function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service out-of-bounds write and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE...

Oracle Solaris Third-Party Patch Update : php (cve_2013_4248_input_validation)

The remote Solaris system is missing necessary patches to address security updates : - The opensslx509parse function in openssl.c in the OpenSSL module in PHP before 5.4.18 and 5.5.x before 5.5.2 does not properly handle a '\0' character in a domain name in the Subject Alternative Name field of a...

Stud_PE-2.6.05

Exploit Title: StudPE v2.6.05 Stack Overflow PoC exploit Date: 03/28/2010 Author: zha0 Software Link: http://www.cgsoftlabs.ro/studpe.html Version: StudPE v2.6.05 peexe= "\x4D\x5A\x90\x00\x03\x00\x00\x00\x04\x00\x00\x00\xFF\xFF\x00\x00"...

CVE-2014-8501

The bfdXXiswapaouthdrin function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service out-of-bounds write and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable...

CVE-2014-8501

The bfdXXiswapaouthdrin function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service out-of-bounds write and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable...

Out-of-bounds

The bfdXXiswapaouthdrin function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service out-of-bounds write and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable...

CVE-2014-8501

The bfdXXiswapaouthdrin function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service out-of-bounds write and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable...

CVE-2014-8501

The bfdXXiswapaouthdrin function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service out-of-bounds write and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable...

CVE-2014-8501

The bfdXXiswapaouthdrin function in bfd/peXXigen.c in GNU binutils 2.24 and earlier allows remote attackers to cause a denial of service out-of-bounds write and possibly have other unspecified impact via a crafted NumberOfRvaAndSizes field in the AOUT header in a PE executable...

Fedora 19 : avr-binutils-2.24-3.fc19 (2014-14838)

fix directory traversal vulnerability - fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable - fix CVE-2014-8502: heap overflow in objdump - fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file - fix CVE-2014-8504: stack overflow in...

Fedora 19 : arm-none-eabi-binutils-cs-2014.05.28-3.fc19 (2014-14874)

fix directory traversal vulnerability 1162657 - fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable - fix CVE-2014-8502: heap overflow in objdump - fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file - fix CVE-2014-8504: stack...

Fedora 21 : avr-binutils-2.24-4.fc21 (2014-14995)

fix directory traversal vulnerability - fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable - fix CVE-2014-8502: heap overflow in objdump - fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file - fix CVE-2014-8504: stack overflow in...

Fedora 20 : avr-binutils-2.24-3.fc20 (2014-14963)

fix directory traversal vulnerability - fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable - fix CVE-2014-8502: heap overflow in objdump - fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file - fix CVE-2014-8504: stack overflow in...

Fedora 20 : arm-none-eabi-binutils-cs-2014.05.28-3.fc20 (2014-14833)

fix directory traversal vulnerability 1162657 - fix CVE-2014-8501: out-of-bounds write when parsing specially crafted PE executable - fix CVE-2014-8502: heap overflow in objdump - fix CVE-2014-8503: stack overflow in objdump when parsing specially crafted ihex file - fix CVE-2014-8504: stack...

mingw-w64-binutils: multiple issues

CVE-2014-8484 invalid read Invalid read flaw leads to denial of service while parsing specially crafted files in programs using libbfd. - CVE-2014-8485 out-of-bounds write Lack of range checking leading to controlled write in bfdelfsetupsections which results in denial of service or possible code...