WebKit - WebAssembly Parsing Does not Correctly Check Section Order

WebKit - WebAssembly Parsing Does not Correctly Check Section Order When a WebAssembly binary is parsed in ModuleParser::parse, it is expected to contain certain sections in a certain order, but can also contain custom sections that can appear anywhere in the binary. The ordering check...

WebKit - WebAssembly Parsing Does not Correctly Check Section Order Vulnerability

Exploit for multiple platform in category dos / poc When a WebAssembly binary is parsed in ModuleParser::parse, it is expected to contain certain sections in a certain order, but can also contain custom sections that can appear anywhere in the binary. The ordering check validateOrder does not...

GNU Binutils Binary File Descriptor Library Denial of Service Vulnerability (CNVD-2018-05200)

GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives.The Binary File Descriptor BFD library a.k.a...

Threat Analysis: ROKRAT Malware

ROKRAT also referred to as DOGcall is a family of malware that has been used by attackers originating from North Korea. The family continues to evolve and adopt techniques from other families also used by the same attack group. The ROKRAT core payload is typically deployed by a loader, which has...

Fedora 27 : slurm (2017-9e775c0d06)

Harden the Slurm build and allows it to operate in full relro with GOT sections of the ELF binaries marked read-only. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and...

CVE-2017-3157

By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user in...

CommuniGatePro 6.1.16 - Cross-Site Scripting

Exploit Title: CommuniGatePro webmails Multiple Stored XSS Date: 15/11/2017 Exploit Author: Boumediene KADDOUR Unit: Algerie Telecom R&D Unit Vendor Homepage: https://www.stalker.com/ Software Link: http://www.stalker.com/ paid product Version: 6.1.16 Tested on: production server on crystal, pron...

Bitdefender Internet Security NSIS Sections Integer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Bitdefender Internet Security. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...

Cross-site Scripting (XSS)

symphonycms/symphony-2 is vulnerable to cross-site scripting XSS attacks. The attacks are possible because the user-supplied section's name and navigation group input parameters in content/content.blueprintssections.php are not properly sanitized...

UBUNTU-CVE-2017-8393

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHTREL/SHRRELA sections are always named starting with a .rel/.rela prefix. This...

DEBIAN-CVE-2017-8393

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHTREL/SHRRELA sections are always named starting with a .rel/.rela prefix. This...

CVE-2017-8393

The Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.28, is vulnerable to a global buffer over-read error because of an assumption made by code that runs for objcopy and strip, that SHTREL/SHRRELA sections are always named starting with a .rel/.rela prefix. This...

CVE-2017-7613

elflint.c in elfutils 0.168 does not validate the number of sections and the number of segments, which allows remote attackers to cause a denial of service memory consumption via a crafted ELF file...

PT-2017-3781 · Red Hat +3 · Elfutils +3

Name of the Vulnerable Software and Affected Versions: elfutils version 0.168 Description: The issue is related to insufficient validation of the number of sections and segments in ELF files, which can be exploited by a remote attacker to cause a denial of service, specifically memory consumption...

UBUNTU-CVE-2017-3157

By exploiting the way Apache OpenOffice before 4.1.4 renders embedded objects, an attacker could craft a document that allows reading in a file from the user's filesystem. Information could be retrieved by the attacker by, e.g., using hidden sections to store the information, tricking the user in...

CVE-2016-5028

The printframeinstbytes function in libdwarf before 20160923 allows remote attackers to cause a denial of service NULL pointer dereference via an object file with empty bss-like sections...

DEBIAN-CVE-2016-5028

The printframeinstbytes function in libdwarf before 20160923 allows remote attackers to cause a denial of service NULL pointer dereference via an object file with empty bss-like sections...

Null pointer dereference

The printframeinstbytes function in libdwarf before 20160923 allows remote attackers to cause a denial of service NULL pointer dereference via an object file with empty bss-like sections...

CVE-2016-5028

The printframeinstbytes function in libdwarf before 20160923 allows remote attackers to cause a denial of service NULL pointer dereference via an object file with empty bss-like sections...

DEBIAN-CVE-2016-5042

The dwarfgetarangeslist function in libdwarf before 20160923 allows remote attackers to cause a denial of service infinite loop and crash via a crafted DWARF section...