Vulnerability Discovered by Tyler Bohan and Cory Duplantis of Cisco Talos
Talos has identified an exploitable out-of-bounds write vulnerability in the ELF Section Header parsing functionality of Hopper (TALOS-2016-0222 /CVE-2016-8390). Hopper is a reverse engineering tool for macOS and Linux allowing the user to disassemble and decompile 32/64bit Intel-based Mac, Linux, Windows and iOS executables. During the parsing of ELF section headers, there is a user controlled size that is not validated, a malicious threat actor could craft an ELF file with specific section headers to trigger this vulnerability, potentially leading to remote code execution. A malicious threat actor could use a zip file containing the crafted executable to target threat researchers, sent via phishing or file sharing sites. This type of exploit can also be used as an anti-analysis measure in an attempt to defeat sandboxes and automated disassembly.
Hopper has been updated the changelog can be read at this URL: https://www.hopperapp.com/rss/html_changelog_v3.php
[Attachment]
Read more
Tags:
Cisco Systems Inc. published this content on 18 October 2016 and is solely responsible for the information contained herein. Distributed by Public, unedited and unaltered, on 18 October 2016 19:33:03 UTC.
Original documenthttp://blogs.cisco.com/security/talos/vulnerability-spotlight-hopper
Public permalinkhttp://www.publicnow.com/view/AAD9ED5FD2B0BB1EAC2E775D1116B5B58C4B2B1F
Cisco Systems, Inc. is the world leader in designing, developing, and marketing Internet network equipment. Net sales break down by family of products and services as follows:
- network equipment (68.9%); switches and routers, technological software and systems (storage, Internet access, and security systems, wiring, gateways, connection interfaces and modules, etc.), etc.;
- services (24.3%): technical assistance, network design, execution, and integration services, etc.;
- security products (6.8%).
Net sales are distributed geographically as follows: Americas (58.7%), Europe/Middle East/Africa (26.6%) and Asia/Pacific (14.7%).