vulnerability spotlight

June 19, 2017

THREAT RESEARCH

Vulnerability Spotlight: Multiple Foscam C1 Vulnerabilities Come in to Focus

Executive Summary The Foscam C1 is a webcam that is marketed for use in a variety of applications including home security monitoring. As an indoor webcam, it is designed to be set up inside of a building and features the ability to be accessed remotely via a web interface or from within a mobile application. […]

May 12, 2017

THREAT RESEARCH

Vulnerability Spotlight: Hangul Word Processor Remote Code Execution Vulnerability

Talos is disclosing the presence of a vulnerability in Hangul Word Processor. Published by Hancom inc. the Hangul Office Suite, of which Hangul Word Processor is part, is the leading word processing and office productivity suite in South Korea. This vulnerability allows attackers to craft a malicious document that when opened, allows the attacker to cause […]

May 8, 2017

THREAT RESEARCH

Vulnerability Spotlight: WolfSSL library X509 Certificate Text Parsing Code Execution Vulnerability

Discovered by Aleksandar Nikolic of Cisco Talos Overview Talos is disclosing TALOS-2017-0293 / CVE 2017-2800, a code execution vulnerability in WolfSSL. WolfSSL is a lightweight SSL/TLS library targeted specifically for embedded and RTOS (Real-Time Operating System) environments, due largely to its small size and performance. WolfSSL is used in a wide range of products including […]

March 22, 2017

THREAT RESEARCH

Vulnerability Spotlight: Code Execution Vulnerability in LabVIEW

Overview LabVIEW is a system design and development platform released by National Instruments. The software is widely used to create applications for data acquisition, instrument control and industrial automation. Talos is disclosing the presence of a code execution vulnerability and a memory corruption vulnerability which can be triggered by opening specially crafted VI files, the […]

January 20, 2017

THREAT RESEARCH

Vulnerability Spotlight: Adobe Acrobat Reader DC jpeg Decoder Vulnerability

Discovered by Aleksandar Nikolic of Cisco Talos Overview Talos is disclosing TALOS-2016-0259 / CVE-2017-2791 an uninitialized memory vulnerability in Adobe Acrobat Reader DC. Adobe Acrobat Reader is one of the largest and well known PDF readers available today. This particular vulnerability is associated with the JPEG Decoder functionality embedded in the application. A specially crafted […]

December 13, 2016

THREAT RESEARCH

Vulnerability Spotlight: Joyent SmartOS

Vulnerability discovered by Tyler Bohan Overview Talos is disclosing a series of vulnerabilities in Joyent SmartOS, specifically in the Hyprlofs filesystem. SmartOS is an open source hypervisor that is based on a branch of Opensolaris. Hyperlofs is a SmartOS in-memory filesystem that allows users to map files from various different locations under a single namespace. […]

November 2, 2016

THREAT RESEARCH

Vulnerability Spotlight: Windows 10 Remote Denial of Service

Talos is releasing an advisory for a remote denial of service attack vulnerability in Microsoft Windows 10 AHCACHE.SYS. An attacker can craft a malicious portable executable file, which if accessed causes AHCACHE.SYS to attempt to access out of scope memory. This triggers a bugcheck in the Windows kernel causing the system to crash, denying service […]

October 18, 2016

THREAT RESEARCH

Vulnerability Spotlight: Hopper Disassembler ELF Section Header Size Code Execution

Vulnerability Discovered by Tyler Bohan and Cory Duplantis of Cisco Talos Talos has identified an exploitable out-of-bounds write vulnerability in the ELF Section Header parsing functionality of Hopper (TALOS-2016-0222/CVE-2016-8390). Hopper is a reverse engineering tool for macOS and Linux allowing the user to disassemble and decompile 32/64bit Intel-based Mac, Linux, Windows and iOS executables. During the parsing […]

October 18, 2016

THREAT RESEARCH

Vulnerability Spotlight: Foxit PDF Reader JBIG2 Parser Information Disclosure

Vulnerability discovered by Aleksandar Nikolic of Talos. Talos has identified an information disclosure vulnerability in Foxit PDF Reader (TALOS-2016-0201/CVE-2016-8334). A wrongly bounded call to `memcpy`, while parsing jbig2 segments within a PDF file, can be triggered in Foxit PDF Reader causing an out-of-bounds heap memory to be read into a buffer. The `memcpy` call is properly […]