what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

EnCase Forensic Imager 7.10 Denial Of Service / Heap Buffer Overflow
Posted Nov 29, 2016
Authored by Wolfgang Ettlinger | Site sec-consult.com

EnCase Forensic Imager versions 7.10 and below suffer from denial of service and heap-based buffer overflow vulnerabilities.

tags | exploit, denial of service, overflow, vulnerability
SHA-256 | 7843ed94a73178cbbad1a3abd757df71b39cbeea28ef32b9271d33b5a8956fe1

Related Files

Chrome PaintImage Deserialization Out-Of-Bounds Read
Posted Jul 11, 2022
Authored by Google Security Research, Mark Brand

The code in cc::PaintImageReader::Read (cc::PaintImage*) does not properly check the incoming data when handling embedded image data, resulting in an out-of-bounds copy into the filter bitmap data.

tags | exploit
advisories | CVE-2022-2010
SHA-256 | 3442a632be9dec3260619421059a97062f1e5b5331769ad612a11a97ecf3ec9b
QT TIFF Processing Out-Of-Bounds Read
Posted May 25, 2021
Authored by Google Security Research, natashenka

The QImageReader class can read out-of-bounds when converting a specially-crafted TIFF file into a QImage, where the TIFF tile length is inconsistent with the tile size. This could potentially allow an attacker to determine values in memory based of the QImage pixels, if QT is used to process untrusted images.

tags | exploit
SHA-256 | 766b77fab4c5903f5bd4ca7cb9d967ba5f26ec50db568fd2f7147cf8314ad4bc
Guide To FTK Imager
Posted Feb 15, 2021
Authored by Jeenali Kothari | Site hackingarticles.in

This whitepaper is a guide to using FTK Imager for digital forensics.

tags | paper
SHA-256 | 3c78ef29175142feb10177e89ff96cbd355c362ecc8bb3edd23f41ce3f657e0f
Ubuntu Security Notice USN-3396-1
Posted Aug 18, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3396-1 - It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. An attacker could use this to specially construct a jpeg image file that when opened by a Java application would cause a denial of service. It was discovered that the JAR verifier in OpenJDK did not properly handle archives containing files missing digests. An attacker could use this to modify the signed contents of a JAR file. Various other issues were also addressed.

tags | advisory, java, denial of service
systems | linux, ubuntu
advisories | CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10081, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10115, CVE-2017-10116, CVE-2017-10118, CVE-2017-10135, CVE-2017-10176, CVE-2017-10243
SHA-256 | 61bdcf4a0adf7e27a0250a05d795a49892ebdce3abf08ae85fec4f7f16b253c8
Ubuntu Security Notice USN-3366-2
Posted Jul 31, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3366-2 - USN-3366-1 fixed vulnerabilities in OpenJDK 8. Unfortunately, that update introduced a regression that caused some valid JAR files to fail validation. This update fixes the problem. It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. An attacker could use this to specially construct a jpeg image file that when opened by a Java application would cause a denial of service. Various other issues were also addressed.

tags | advisory, java, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10078, CVE-2017-10081, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10111, CVE-2017-10115, CVE-2017-10116, CVE-2017-10118, CVE-2017-10135, CVE-2017-10176, CVE-2017-10193, CVE-2017-10198, CVE-2017-10243
SHA-256 | e9581a312ef7c1eb2dedb9df0dc68f52b06260cac0f6b85c8b55f77958b4e34e
Ubuntu Security Notice USN-3366-1
Posted Jul 26, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3366-1 - It was discovered that the JPEGImageReader class in OpenJDK would incorrectly read unused image data. An attacker could use this to specially construct a jpeg image file that when opened by a Java application would cause a denial of service. It was discovered that the JAR verifier in OpenJDK did not properly handle archives containing files missing digests. An attacker could use this to modify the signed contents of a JAR file. Various other issues were also addressed.

tags | advisory, java, denial of service
systems | linux, ubuntu
advisories | CVE-2017-10053, CVE-2017-10067, CVE-2017-10074, CVE-2017-10078, CVE-2017-10081, CVE-2017-10087, CVE-2017-10089, CVE-2017-10090, CVE-2017-10096, CVE-2017-10101, CVE-2017-10102, CVE-2017-10107, CVE-2017-10108, CVE-2017-10109, CVE-2017-10110, CVE-2017-10111, CVE-2017-10115, CVE-2017-10116, CVE-2017-10118, CVE-2017-10135, CVE-2017-10176, CVE-2017-10193, CVE-2017-10198, CVE-2017-10243
SHA-256 | b14c83af19137eb71b4ecf4d60969230fa06f1294af8524a5b5982b5a637a156
EnCase Forensic Imager 7.10 Buffer Overflow
Posted May 12, 2017
Authored by Wolfgang Ettlinger | Site sec-consult.com

Guidance Software EnCase Forensic Imager versions 7.10 and below suffer from a stack-based buffer overflow vulnerability.

tags | exploit, overflow
SHA-256 | dde2e54320f7ae0c6125565d33c61a502a0e8d4158b92889665a3941c021109b
Ubuntu Security Notice USN-2952-2
Posted Apr 28, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2952-2 - USN-2952-1 fixed vulnerabilities in PHP. One of the backported patches caused a regression in the PHP Soap client. This update fixes the problem. It was discovered that the PHP Zip extension incorrectly handled directories when processing certain zip files. A remote attacker could possibly use this issue to create arbitrary directories. It was discovered that the PHP Soap client incorrectly validated data types. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2014-9767, CVE-2015-8838, CVE-2016-1903, CVE-2016-2554, CVE-2016-3141, CVE-2016-3142
SHA-256 | 34256a7fbb2ead22a5a09a7ec0edeb11a8a3dd11aea8a9162bc767ed7eb68101
GDCM 2.6.0 / 2.6.1 Out-Of-Bounds Read
Posted Jan 11, 2016
Authored by Stelios Tsampas

GDCM versions 2.6.0 and 2.6.1 suffer from an out-of-bounds read due to missing checks. The vulnerability occurs during the decoding of JPEG-LS images when the dimensions of the embedded JPEG-LS image (as specified in the JPEG headers) are smaller than the ones of the selected region (set by gdcm::ImageRegionReader::SetRegion and usually based on DICOM header values).

tags | advisory
advisories | CVE-2015-8397
SHA-256 | 9fe160664c3de2590fc55b8d5d31baa051f09a4bfdb6a7eea28c5c6a6e20f826
Secunia Security Advisory 51518
Posted Dec 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been discovered in FreeVimager, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 13b1e0932781d8927c437f0972fc5ac4c672aa4dc5c739bda475ca6bed413476
FreeVimager 4.1.0 WriteAV Arbitrary Code Execution
Posted Dec 9, 2012
Authored by Jean Pascal Pereira

FreeVimager version 4.1.0 suffers from a WriteAV arbitrary code execution vulnerability.

tags | exploit, arbitrary, code execution
SHA-256 | 35e5e13d2e82922d649ad92142ac0d02c9c0e530b0e24f4a78b0a544ce6ef7ab
Ubuntu Security Notice USN-1154-1
Posted Jun 17, 2011
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 1154-1 - It was discovered that a heap overflow in the AWT FileDialog.show() method could allow an attacker to cause a denial of service through an application crash or possibly execute arbitrary code. It was discovered that integer overflows in the JPEGImageReader readImage() function and the SunLayoutEngine nativeLayout() function could allow an attacker to cause a denial of service through an application crash or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, overflow, arbitrary
systems | linux, ubuntu
advisories | CVE-2011-0862, CVE-2011-0815, CVE-2011-0822, CVE-2011-0862, CVE-2011-0864, CVE-2011-0865, CVE-2011-0867, CVE-2011-0868, CVE-2011-0869, CVE-2011-0870, CVE-2011-0871, CVE-2011-0872
SHA-256 | b8678edae4561e9f93f6e10ebcdb337635cb2b334bf27aa584409a4de58814ef
Zero Day Initiative Advisory 10-058
Posted Apr 6, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-058 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple Mac OS X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Apple ImageIO framework during the parsing of malformed JPEG2000 files. The function CGImageReadGetBytesAtOffset can utilize miscalculated values during a memmove operation that will result in an exploitable heap corruption allowing attackers to execute arbitrary code under the context of the current user.

tags | advisory, remote, arbitrary
systems | apple, osx
advisories | CVE-2010-0505
SHA-256 | 6fadd8230149c63039b890333f1631fb1dbee04c5cc9599843de14ad2c75b210
Zero Day Initiative Advisory 10-057
Posted Apr 6, 2010
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 10-057 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Sun's Java Runtime. User interaction is required in that a user must be coerced into executing a malicious java application via visiting a website. The specific flaw exists within the JPEGImageDecoderImpl interface used by the image processing library to decode JPEG Imagery. By abusing an object meant to specify parameters used by the underlying jpeg decoder a malicious attacker can influence the decoding routine resulting in a heap overflow. This can be exploited to execute arbitrary code in the context of the application.

tags | advisory, java, remote, overflow, arbitrary
advisories | CVE-2010-0849
SHA-256 | 63d73f7e6f6485d9f0624ba47da8dd8e47720b89df4df018af43f597e653edf9
NextApp Echo XML Injection
Posted Mar 10, 2009
Site sec-consult.com

SEC Consult Security Advisory 20090305-0 - NextApp Echo2 versions below 2.1.1 suffer from a XML injection vulnerability.

tags | exploit, xxe
SHA-256 | e364a88c2cc90f61eeb02c0e5b44a6ff6992024991a758fa3a4903a2fe77a6b5
PHP GD Library Information Leak
Posted Dec 31, 2008
Authored by Hamid Ebadi | Site bugtraq.ir

The PHP GD library suffers from an imageRotate() function information leak vulnerability.

tags | advisory, php
advisories | CVE-2008-5498
SHA-256 | 63a4f23ebaa22d5f4bb47dced105c74b50d8a00ff26e6126ba04d1a32f614fea
SEC-CONSULT Security Advisory 20081219-0
Posted Dec 30, 2008
Authored by Bernhard Mueller | Site sec-consult.com

SEC-CONSULT Security Advisory 20081219-0 - Fujitsu-Siemens WebTransactions is vulnerable to remote command injection due to insufficient input validation. Under certain conditions, WBPublish.exe passes unvalidated user input to the system() function when cleaning up temporary session data. This vulnerability allows an attacker to execute arbitrary commands on the affected system. The vulnerability does not require prior authentication and can be exploited from a web browser.

tags | advisory, remote, web, arbitrary
SHA-256 | 4fcccde253345cf5e3f0f4106c7f74d8b15fb08e20a6c514630001cb3f299309
SEC Consult Security Advisory 20081210-0
Posted Dec 10, 2008
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20081210-0 - By calling the extended stored procedure sp_replwritetovarbin, an attacker can write limited values to arbitrary locations in process memory. This vulnerability has been described in a prior security advisory for MS SQL Server 2000.

tags | advisory, arbitrary
SHA-256 | 35360a7acfa1a99b8a092110b58250c85ed5ca8c4ccd0d0b760cbb8a46b38a39
SEC Consult Security Advisory SA-20081109-0
Posted Dec 9, 2008
Authored by Bernhard Mueller | Site sec-consult.com

SEC Consult Security Advisory 20081209-0 - Microsoft SQL Server suffers from a limited memory overwrite vulnerability.By calling the extended stored procedure sp_replwritetovarbin, and supplying several uninitialized variables as parameters, it is possible to trigger a memory write to a controlled location. Depending on the underlying Windows version, it is / may be possible to use this vulnerability to execute arbitrary code in the context of the vulnerable SQL server process. In a default configuration, the sp_replwritetovarbin stored procedure is accessible by anyone. The vulnerability can be exploited by an authenticated user with a direct database connection, or via SQL injection in a vulnerable web application. Versions 8.00.2039 and below are affected.

tags | advisory, web, arbitrary, sql injection
systems | windows
SHA-256 | a3cd08ebd8f3b29b9b481794aeae14f29fef4640ab1d53fdd05d480b010bfc47
Secunia Security Advisory 32820
Posted Nov 20, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A security issue has been reported in SystemImager, which can be exploited by malicious, local users to perform certain actions with escalated privileges.

tags | advisory, local
SHA-256 | b86a2ff45f2aee8400b99722dcda1cae022399f4bc56b827c5b235f3c249d084
SA-20081016-0.txt
Posted Oct 17, 2008
Authored by D. Matscheko | Site sec-consult.com

SEC Consult Security Advisory 20081016-0 - Instant Expert Analysis uses a signed Java applet for Firefox or Netscape browsers and a signed ActiveX plugin for Internet Explorer. Both applets allow an attacker to download and execute arbitrary applications when the user visits an infected website.

tags | advisory, java, arbitrary, activex
SHA-256 | 4389e14bdabddae18e2fd1658419cc963957c03ba043729d6ea732a805c3413c
Secunia Security Advisory 30030
Posted May 8, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Fedora has issued an update for perl-Imager. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.

tags | advisory, perl
systems | linux, fedora
SHA-256 | dce98fd40dd2d70973f04f659ce1731edf681b2c5da85792c1139442785a06c5
Secunia Security Advisory 30011
Posted Apr 29, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Imager, which potentially can be exploited by malicious people to compromise an application using the library.

tags | advisory
SHA-256 | c8cc16448d9c91bea229231021e61d37ff91a80663f4336b90e92d733bd0a86f
Secunia Security Advisory 28868
Posted Feb 21, 2008
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Debian has issued an update for libimager-perl. This fixes a vulnerability, which potentially can be exploited by malicious people to compromise an application using the library.

tags | advisory, perl
systems | linux, debian
SHA-256 | 4a2ca992d954d44de97a3bf6c4ed2449eb3cb54c0068d66167ff03c78427d545
Debian Linux Security Advisory 1498-1
Posted Feb 20, 2008
Authored by Debian | Site debian.org

Debian Security Advisory 1498-1 - It was discovered that libimager-perl, a Perl extension for Generating 24 bit images, did not correctly handle 8-bit per-pixel compressed images, which could allow the execution of arbitrary code.

tags | advisory, arbitrary, perl
systems | linux, debian
advisories | CVE-2007-2459
SHA-256 | 77b57051bb67ab976211b73e0b03e6193ed987b375844d6dfa18cfb0e35d5863
Page 1 of 4
Back1234Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close