USN-3940-1 clamav vulnerabilities

It was discovered that ClamAV incorrectly handled scanning certain PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2019-1787 It was discovered that ClamAV incorrectly handled scanning certain OLE2 files. A remote...

UBUNTU-CVE-2019-1789

ClamAV versions prior to 0.101.2 are susceptible to a denial of service DoS vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking...

McAfee GetSusp VersionInfo Parsing Denial of Service Vulnerability

Summary An exploitable Denial of Service vulnerability exists in the file scanning functionality of McAfee GetSusp 3.0.0.461. A specially crafted executable can cause an infinite loop resulting in a Denial of Service. An attacker can scan this executable to trigger this vulnerability. Tested...

DEBIAN-CVE-2018-17360

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfdgetl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executabl...

UBUNTU-CVE-2018-17360

An issue was discovered in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfdgetl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executabl...

An attacker with Office vulnerability propagation FELIXROOT Backdoor-vulnerability warning-the black bar safety net

! One, the attack event details 2017 9 months, in response to Ukrainian attacks, FireEye found FELIXROOT Backdoor this malicious payload, and feedback to our intelligence perception of the customers. The attack activities using some malicious Ukrainian banks document that contains a macro, used t...

Bring Your Own Land (BYOL) – A Novel Red Teaming Technique

Introduction One of most significant recent developments in sophisticated offensive operations is the use of “Living off the Land” LotL techniques by attackers. These techniques leverage legitimate tools present on the system, such as the PowerShell scripting language, in order to execute attacks...

Peanalyzer - Advanced Portable Executable File Analyzer And Disassembler

Advanced Portable Executable File Analyzer Python 3.6.4 Tested Working Usage python pyanalyzer.py --file file.exe --show all python pyanalyzer.py --file file.exe --disassemble all Video Dos Header File Header Optional Header Section Headers...

Update to add SHA-2 code signing support for Windows Server 2008 SP2

Update to add SHA-2 code signing support for Windows Server 2008 SP2 Summary This update provides support for the Secure Hash Algorithm-2 SHA-2 code signing and verification functionality in the 64-bit version of Windows Server 2008 Service Pack 2 SP2 which includes the following: Support for...

Sync Breeze Enterprise 10.4.18 - Remote Buffer Overflow (SEH)

Exploit Title: Sync Breeze Enterprise v10.4.18 Server - Unauthenticated Remote Buffer Overflow SEH Date: 29/01/2018 Exploit Author: Daniel Teixeira Vendor Homepage: http://www.syncbreeze.com Software Link: http://www.syncbreeze.com/setups/syncbreezeentsetupv10.4.18.exe Version: 10.4.18 Tested on:...

GNU Binutils Denial of Service Vulnerability (CNVD-2017-36672)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in GNU Binutils 2.29.1. The vulnerability arises because the dumprelocsinsection function in objdump.c in...

UBUNTU-CVE-2017-17122

The dumprelocsinsection function in objdump.c in GNU Binutils 2.29.1 does not check for reloc count integer overflows, which allows remote attackers to cause a denial of service excessive memory allocation, or heap-based buffer overflow and application crash or possibly have unspecified other...

PT-2017-4320 · Gnu +1 · Gnu Binutils +1

Name of the Vulnerable Software and Affected Versions: GNU Binutils version 2.29.1 Description: The issue is related to an integer overflow in the dump relocs in section function of the objdump.c component. This allows a remote attacker to cause a denial of service, potentially leading to excessi...

GNU Binutils Denial of Service Vulnerability (CNVD-2017-34502)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in GNU Binutils 2.29.1. The vulnerability arises because the pebfdreadbuildid function in peicode.h in the...

GNU Binutils Denial of Service Vulnerability (CNVD-2017-34508)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data, and assembly source code. A denial of service vulnerability exists in the coffslurplinetable function in coffcode.h in the Binary File Descriptor BFD library used in GNU...

GNU Binutils Denial of Service Vulnerability (CNVD-2017-34503)

GNU Binutils is a set of programming tools for creating and managing binary programs, object files, libraries, profile data and assembly source code. A denial of service vulnerability exists in GNU Binutils 2.29.1. The vulnerability arises because coffgen.c in the Binary File Descriptor BFD libra...

UBUNTU-CVE-2017-16831

coffgen.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, does not validate the symbol count, which allows remote attackers to cause a denial of service integer overflow and application crash, or excessive memory allocation or possibly have unspecified...

UBUNTU-CVE-2017-16826

The coffslurplinetable function in coffcode.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service invalid memory access and application crash or possibly have unspecified other impact via a crafted PE fi...

DEBIAN-CVE-2017-16826

The coffslurplinetable function in coffcode.h in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29.1, allows remote attackers to cause a denial of service invalid memory access and application crash or possibly have unspecified other impact via a crafted PE fi...

Symantec Norton Security IDSvix86 PE Remote System Denial of Service Vulnerability(CVE-2016-5308)

SUMMARY A denial of service vulnerability exists in the Portable Executable file scanning functionality of Symantec Norton Security. A specially crafted PE file can cause an access violation in IDSvix86 kernel driver resulting in denial of service. An attacker can trigger this vulnerability for...