31 matches found
CVE-2026-40499
radare2 prior to version 6.1.4 contains a command injection vulnerability in the PDB parser's printgvars function that allows attackers to execute arbitrary commands by embedding a newline byte in the PE section header name field. Attackers can craft a malicious PDB file with specially crafted...
SUSE CVE-2006-1614
Integer overflow in the cli_scanpe function in the PE header parser (libclamav/pe.c) in Clam AntiVirus (ClamAV) before 0.88.1, when ArchiveMaxFileSize is disabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code...
Process-Dump - Windows Tool For Dumping Malware PE Files From Memory Back To Disk For Analysis
Process Dump is a Windows reverse-engineering command-line tool to dump malware memory components back to disk for analysis. Often malware files are packed and obfuscated before they are executed in order to avoid AV scanners; however, when these files are executed they will often unpack or inject...
KsDumper - Dumping Processes Using The Power Of Kernel Space
I always had an interest in reverse engineering. A few days ago I wanted to look at some game internals for fun, but it was packed & protected by EAC EasyAntiCheat. This means its handles were stripped and I was unable to dump the process from Ring3. I decided to try to make a custom driver that...
PESTO - PE (files) Statistical Tool
PESTO is a Python script that extracts and saves in a database some PE file security characteristics or flags searching for every PE binary in a whole directory, and saving results in a database. It checks for architecture flag in the header, and for the following security flags: ASLR, NOSEH, DEP...
CVE-2016-10402
Avira Antivirus engine versions before 8.3.36.60 allow remote code execution as NT AUTHORITY\SYSTEM via a section header with a very large relative virtual address in a PE file, causing an integer overflow and heap-based buffer underflow...
Design/Logic Flaw
The kernel component in Symantec Anti-Virus Engine (AVE) 20151.1 before 20151.1.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation and system crash) via a malformed PE header file...
CVE-2016-2208
CVE-2016-2208 affects Symantec Antivirus Engine (AVE) kernel component in AVE 20151.1 before 20151.1.1.4. The issue arises when parsing malformed PE header files, enabling remote attackers to execute arbitrary code or cause a memory access violation and system crash. Several advisories and assess...
CVE-2016-2208
The kernel component in Symantec Anti-Virus Engine (AVE) 20151.1 before 20151.1.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (memory access violation and system crash) via a malformed PE header file...
Symantec Antivirus Engine 20151.1.0.32 Malformed PE Header Parser Memory Access Violation (SYM16-008)
The version of Symantec Antivirus Engine (AVE) installed on the remote host is 20151.1.0.32. It is, therefore, affected by a remote code execution vulnerability due to improper parsing of malformed portable-executable (PE) header files and executables packed with early versions of Aspack. A remote...
Symantec Antivirus Engine Malformed PE Header Parser Memory Access Violation
SUMMARY: Symantec's Anti-Virus Engine (AVE) was susceptible to memory access violation due to a flaw when parsing a specifically-crafted PE header file in the kernel. The most common symptom of a successful attack would result in a system crash. AFFECTED PRODUCTS: Symantec Anti Virus Engine --- CVE |...
Detours to modify the paragraph properties of vulnerability-vulnerability warning-the black bar safety net
Detours to modify the paragraph properties of the vulnerability. Affected software and systems: Detours 3.0 and previous versions. Description: Classifying this issue as a vulnerability may be less suitable; it is more likely a bug in Detours, but because the defect will cause the exploit...
Smadav Anti Virus 9.1 Crash PoC
No description provided by source. Exploit Title: Smadav AntiVirus - Crash PoC Date: 10/Nov/2012 Exploit Author: Mada R Perdhana [email protected] / Spentera Research Team Vendor Homepage: http://www.smadav.net & http://www.smadav.web.id Software Link: http://www.smadav.net/download Version: 9.1...
Adobe Reader Plugin Signature Bypass Vulnerability - Linux
Adobe Reader is prone to a plugin signature bypass vulnerability.
Adobe Reader Plugin Signature Bypass Vulnerability - Mac OS X
Adobe Reader is prone to a plugin signature bypass vulnerability.
Adobe Reader Plugin Signature Bypass Vulnerability - Windows
Adobe Reader is prone to a plugin signature bypass vulnerability.
Apple Boot Camp Support Software < 5.1 AppleMNT.sys Driver PE Header Memory Corruption
The version of Apple Boot Camp Support Software installed on the remote host is a version prior to 5.1. As such, the AppleMNT.sys driver included in it reportedly has a bounds checking issue that can be triggered when parsing a Portable Executable (PE) file with a malformed header. A local attacker...
[VSD] (Virtual Section Dumper) Just another Virtual Section Dumper for Windows Processes
What's VSD? VSD (Virtual Section Dumper) is intended to be a tool to visualize and dump the memory regions of a running 32-bit or 64-bit process in many ways. For example, you can dump the entire process and fix the PE Header, dump a given range of memory or even list and dump every virtual...
Smadav Anti Virus 9.1 - Crash (PoC)
Smadav Anti Virus 9.1 - Crash PoC Exploit Title: Smadav AntiVirus - Crash PoC Date: 10/Nov/2012 Exploit Author: Mada R Perdhana [email protected] / Spentera Research Team Vendor Homepage: http://www.smadav.net & http://www.smadav.web.id Software Link: http://www.smadav.net/download Version: 9.1...
Smadav AntiVirus 9.1 Denial Of Service
Exploit Title: Smadav AntiVirus - Crash PoC Date: 10/Nov/2012 Exploit Author: Mada R Perdhana [email protected] / Spentera Research Team Vendor Homepage: http://www.smadav.net & http://www.smadav.web.id Software Link: http://www.smadav.net/download Version: 9.1 Latest Version, should be affected...