This vulnerability involves the ping_unhash function in net/ipv4/ping.c in the Linux kernel before 4.0.3, where it does not initialize a certain list data structure during an unhash operation. This allows attackers to gain privileges or cause a denial of service (use-after-free and system crash) by leveraging the ability to make a SOCK_DGRAM socket system call for the IPPROTO_ICMP or IPPROTO_ICMPV6 protocol, and then making a connect system call after a disconnect.
Trend Micro researchers discovered this vulnerability in Android devices that could potentially allow attackers to perform Denial of Service (DoS) attacks once successfully exploited. It affects Android versions <4.0.1 Jelly Bean to 5.1.1 Lollipop.
Attackers need to trick users into installing a malicious app or go to a malicious website in order to download the said bug on their devices.
This Android vulnerability known as “Stagefright” can be leveraged by attackers to install a malware on Android devices via a multimedia message (MMS). It affects versions of Android from 4.0.1 to 5.1.1. The said vulnerability, designated with CVE-2015-3824, resides in mediaserver component, which is for handling open media files.
This zero-day vulnerability emerged in the Hacking Team leak, which could allow attackers to have remote control of the affected system when exploited successfully. In addition, affected systems can be potentially infected with rootkits and bootkits.
This Adobe Flash vulnerability is used by Angler Exploit Kit as a starting point in the infection chain that spreads a Point-of-Sale (PoS) malware reconnaissance. Trend Micro detects this PoS malware as TROJ_RECOLOAD.A that checks if the infected system is a PoS machine or part of the PoS network.
This vulnerability assigned with CVE-2012-2825 is related to the Hacking Team leak, which exposed the RCSAndroid code. The said malicious code could potentially allow surveillance operations for cybercriminals. Based on our investigation, one of the methods that attackers used to lead users into downloading RCSAndroid is to send a specially crafted URL to the recipients/users via SMS or email.
This vulnerability is assigned as CVE-2015-2426 and is described as the following:
Buffer underflow in atmfd.dll in the Windows Adobe Type Manager Library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows remote attackers to execute arbitrary code via a crafted OpenType font, aka "OpenType Font Driver Vulnerability."
This vulnerability is related to the Hacking Team leak, which exposed the RCSAndroid code. The said malicious code could potentially allow surveillance operations for cybercriminals. Based on our investigation, one of the methods that attackers used to lead users into downloading RCSAndroid is to send a specially crafted URL to the recipients/users via SMS or email.