Updated gdb packages fix security vulnerability

Updated gdb packages fix security vulnerability: Potential buffer overflow when loading ELF sections larger than the file CVE-2019-1010180...

Lunar - A Lightweight Native DLL Mapping Library That Supports Mapping Directly From Memory

A lightweight native DLL mapping library that supports mapping directly from memory Features Imports and delay imports are resolved Relocations are performed Image sections are mapped with the correct page protection Exception handlers are initialised A security cookie is generated and initialise...

GNU LibreDWG Memory Allocation Failure Vulnerability

LibreDWG is a free C library for reading and writing DWG files. A memory allocation failure vulnerability exists in readsectionsmap in decoder2007.c in LibreDWG 0.9.3.2564. An attacker can exploit this vulnerability to allocate too much memory in readsectionsmap in decoder2007.c...

PT-2022-8727 · Jhead +3 · Jhead +3

Name of the Vulnerable Software and Affected Versions: JHEAD versions 3.04 and earlier Description: The issue is related to a heap-buffer-overflow in the ReadJpegSections function, located at jpgfile.c:285. This can be triggered by crafted jpeg images, potentially causing a program crash or...

DEBIAN-CVE-2019-19035

jhead 3.03 is affected by: heap-based buffer over-read. The impact is: Denial of service. The component is: ReadJpegSections and processSOFn in jpgfile.c. The attack vector is: Open a specially crafted JPEG file...

openSUSE Security Update : gdb (openSUSE-2019-2493)

This update for gdb fixes the following issues : Update to gdb 8.3.1: jscECO-368 Security issues fixed : - CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. bsc1142772 Upgrade libipt from v2.0 to v2.0.1. - Enable librpm for version librpm.so.3...

Security update for gdb (moderate)

openSUSE Security Update: Security update for gdb Announcement ID: openSUSE-SU-2019:2494-1 Rating: moderate References: 1115034 1142772 1145692 Cross-References: CVE-2019-1010180 Affected Products: openSUSE Leap 15.1 An update that solves one vulnerability and has two fixes is now available...

SUSE-SU-2019:2913-1 Security update for gdb

This update for gdb fixes the following issues: Update to gdb 8.3.1: jscECO-368 Security issues fixed: - CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. bsc1142772 Upgrade libipt from v2.0 to v2.0.1. - Enable librpm for version librpm.so.3...

SUSE SLED15 / SLES15 Security Update : gdb (SUSE-SU-2019:2902-1)

This update for gdb fixes the following issues : Update to gdb 8.3.1: jscECO-368 Security issues fixed : CVE-2019-1010180: Fixed a potential buffer overflow when loading ELF sections larger than the file. bsc1142772 Upgrade libipt from v2.0 to v2.0.1. Enable librpm for version librpm.so.3...

CB Threat Analysis Unit: Technical Analysis of “Crosswalk”

The technical analysis is related to the TAU-TIN for the same malware which can be located in this post. FireEye recently reported on APT41, a Chinese state sponsored espionage group. The group has been documented as targeting healthcare, high-tech, and telecommunications companies for traditiona...

UBUNTU-CVE-2019-14295

An Integer overflow in the getElfSections function in pvmlinx.cpp in UPX 3.95 allows remote attackers to cause a denial of service crash via a skewed offset larger than the size of the PE section in a UPX packed executable, which triggers an allocation of excessive memory...

SUSE-SU-2019:1877-1 Security update for glibc

This update for glibc fixes the following issues: Security issues fixed: - CVE-2019-9169: Fixed a heap-based buffer over-read via an attempted case-insensitive regular-expression match bsc1127308. - CVE-2009-5155: Fixed a denial of service in parseregexp bsc1127223. Non-security issues fixed: -...

CVE-2019-3970

Comodo Antivirus versions up to 12.0.0.6810 are vulnerable to Arbitrary File Write due to Cavwp.exe handling of Comodo's Antivirus database. Cavwp.exe loads Comodo antivirus definition database in unsecured global section objects, allowing a local low privileged process to modify this data direct...

Microsoft Windows Font Cache Service - Insecure Sections Privilege Escalation

Microsoft Windows Font Cache Service - Insecure Sections Privilege Escalation Windows: Windows Font Cache Service Insecure Sections EoP Platform: Windows 10 1809 not tested earlier Class: Elevation of Privilege Security Boundary per Windows Security Service Criteria: User boundary Summary: The...

The vulnerability of the _bfd_add_merge_section function in the GNU Binutils development environment allows a hacker to trigger a service failure.

The vulnerability of the bfdaddmergesection function in the GNU Binutils development environment is related to the assignment of a null pointer when attempting to merge sections with large differences. Exploiting this vulnerability could allow an attacker to trigger a service failure...

[SECURITY] Fedora 29 Update: mingw-libconfuse-3.2.2-1.fc29

libConfuse is a configuration file parser library, licensed under the terms of the ISC license, and written in C. It supports sections and lists of values strings, integers, floats, booleans or other sections, as well as some other features such as single/double-quoted strings, environment variab...

[SECURITY] Fedora 28 Update: mingw-libconfuse-3.2.2-1.fc28

libConfuse is a configuration file parser library, licensed under the terms of the ISC license, and written in C. It supports sections and lists of values strings, integers, floats, booleans or other sections, as well as some other features such as single/double-quoted strings, environment variab...

The vulnerability of the `assign_file_positions_for_non_load_sections` function in the GNU Binutils development environment allows a attacker to trigger a service failure.

The vulnerability of the assignfilepositionsfornonloadsections function in the GNU Binutils development environment is related to the assignment of a null pointer. Exploiting this vulnerability could allow an attacker to cause a service failure by using an ELF file with a RELRO segment that lacks...

Pftriage - Python Tool And Library To Help Analyze Files During Malware Triage And Analysis

pftriage is a tool to help analyze files during malware triage. It allows an analyst to quickly view and extract properties of a file to help during the triage process. The tool also has an analyze function which can detect common malicious indicators used by malware. Dependencies pefile filemagi...

Information Disclosure

libreoffice is vulnerable to information disclosure attacks. The vulnerability exists by exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the...