Mmmdzz

**Nome do software vulnerável e versões afetadas** PNGOUT versão 2020-01-15 **Descrição** Foi detectada uma falha no PNGOUT ao compactar um arquivo PNG malicioso, que causa um estouro de inteiro. **Recomendações** Para a versão 2020-01-15 do PNGOUT, no momento, não há informações sobre uma versão mais recente que contenha uma correção para este problema.

**Name of the Vulnerable Software and Affected Versions** radare2 versions prior to 4.0.0 **Description** The issue is related to a lack of validation of the `content` variable in the `r asm pseudo incbin` function at `libr/asm/asm.c`. This leads to an arbitrary write, allowing remote attackers to cause a denial of service, such as an application crash, or possibly have other unspecified impacts via crafted input. **Recommendations** For versions prior to 4.0.0, update to version 4.0.0 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** YARA version 3.11.0 **Description** The issue arises from inconsistent command size in the macho parse file functionality, which can lead to out-of-bounds memory access when a specially crafted MachO file is processed. This can result in a Denial of Service, causing the application to crash, or potentially allow code execution. **Recommendations** For YARA version 3.11.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** radare2 versions prior to 4.0 **Description** The issue is related to an integer overflow for the `new token size` variable in the `r asm massemble` function, located in `libr/asm/asm.c`. This overflow results in a Use-After-Free condition for the `tokens` buffer, which can be filled with arbitrary malicious data after it is freed. This allows remote attackers to cause a denial of service, potentially leading to an application crash, or possibly execute arbitrary code via crafted input. **Recommendations** For versions prior to 4.0, update to version 4.0 or later to resolve the issue. As a temporary workaround, consider restricting the input to the `r asm massemble` function to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** radare2 versions prior to 3.5.1 **Description** The issue is related to a heap-based buffer over-read in the `r egg lang parsechar` function, which can be exploited by remote attackers to cause a denial of service, potentially leading to an application crash. The problem arises from missing length validation in `libr/egg/egg.c`. **Recommendations** For versions prior to 3.5.1, update to version 3.5.1 or later to resolve the issue.