Tag: Buffer Overflow

Crashes Summary
An independent security researcher has reported 36 different crashes in Iceni Infix. We decided to publish 1 sample out of the 36 crashes – if you want to get the remaining 35 crashes, please contact us via email ssd [at] beyondsecurity (dot) com.

“Infix PDF Editor and Infix PDF Editor Pro is popular PDF editing software that can be used to edit PDF text. The program is very simple to use when you want to edit the text size, font, font color and more. You can also use Infix PDF Editor to edit whole paragraphs of the PDF document or even completely reformat the text.

Infix works like a normal word processor, so it’s really easy to use. It’s easy and quick – change text, fonts, images and more. No interface gimmicks, no ribbons!”

Credit
An independent security researcher has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor response
Iceni has released patches to address these crashes “We have resolved these issues in Infix version 7.1.4 which is the current release.”

Continue reading SSD Advisory – Iceni Infix Multiple Crashes

Vulnerability Summary
The following advisory describes a Buffer Overflow vulnerability found in Bitdefender Engine PE.

Bitdefender provides the Bitdefender “antimalware” engine for integration with other security vendors products. The engine is used in Bitdefender’s own products, for example in Bitdefender Internet Security 2017 and below. The antimalware engine is the core of the product, among other features providing the means to scan potentially malicious portable executables (PEs).

Credit
An independent security researcher, Pagefault, has reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.

Vendor Response
Bitdefender has released patched to address this vulnerability in version 7.71417.

Continue reading SSD Advisory – Bitdefender Code Signing organizationName Buffer Overflow