Serious Security: Understanding how computers count
The hard disks that fail abruptly at 32,768 hours of use – why simply ‘adding 1’ can send you into oblivion. Continue reading Serious Security: Understanding how computers count
One of the fun things about old video games, besides their obvious nostalgia, is that some of the more popular games have been pried apart and tinkered with for years, leading to a lot of new “development” within the games. This often uncovers some hidden gems that gamers might not have had any knowledge of during the game’s heyday, like this coding oddity found in Final Fantasy 7 that illustrates a lot about how 32-bit processors do math.
The original PlayStation used a 32-bit RISC processor, but the most significant bit could be used for integer signing. This means that …read more
Continue reading Final Fantasy Exploit Teaches 32-bit Integer Math
The NXP Semiconductors MQX RTOS prior to version 5.1 contains a buffer overflow in the DHCP client, which may lead to memory corruption allowing an attacker to execute arbitrary code, as well as an out-of-bounds read in the DNS client which may lead to a denial of service. Continue reading VU#590639: NXP Semiconductors MQX RTOS contains multiple vulnerabilities
A collection of Bluetooth implementation vulnerabilities known as "BlueBorne" has been released. These vulnerabilities collectively affect Windows, iOS, and Linux-kernel-based operating systems including Android and Tizen, and may in the worst case allow an unauthenticated attacker to perform commands on the device. Continue reading VU#240311: Multiple Bluetooth implementation vulnerabilities affect many devices
Dahua IP camera products using firmware versions prior to V2.400.0000.14.R.20170713 include a version of the Sonia web interface that may be vulnerable to a stack buffer overflow. Continue reading VU#547255: Dahua IP cameras Sonia web interface is vulnerable to stack buffer overflow
The year was 1996, and the European Space Agency was poised for commercial supremacy in space. Their new Ariane 5 rocket could launch two three-ton satellites into space. It had more power than anything that had come before.
The rocket rose up towards the heavens on a pillar of flame, carrying four very expensive and very uninsured satellites. Thirty-seven seconds later it self-destructed. Seven billion dollars of RUD rained down on the local beaches near the Guiana Space Centre in Southern America. A video of the failed launch is after the break.
The cause of all this was a single …read more
Continue reading Fail Of The Week (in 1996): The 7 Billion Dollar Overflow
An attacker may be able to coerce a user into executing arbitrary code in the context of the current user by attempting to unzip a crafted zip file provided by the attacker. Continue reading VU#862384: libarchive contains a heap-based buffer overflow due to improper input validation