Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-29458 PUBLISHED: 2021-04-19
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. An out-of-bounds read was found in Exiv2 versions v0.27.3 and earlier. The out-of-bounds read is triggered when Exiv2 is used to write metadata into a crafted image file. An att...
CVE-2021-31254 PUBLISHED: 2021-04-19
Buffer overflow in the tenc_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file, related invalid IV sizes.
CVE-2021-31255 PUBLISHED: 2021-04-19
Buffer overflow in the abst_box_read function in MP4Box in GPAC 1.0.1 allows attackers to cause a denial of service or execute arbitrary code via a crafted file.
CVE-2021-31256 PUBLISHED: 2021-04-19
Memory leak in the stbl_GetSampleInfos function in MP4Box in GPAC 1.0.1 allows attackers to read memory via a crafted file.
CVE-2021-31257 PUBLISHED: 2021-04-19
The HintFile function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.
User Rank: Ninja
9/6/2016 | 7:21:33 PM
I received a FB invitation from this FB friend of mine (who is a relative). I accepted -- thinking all the while, "Gee, I thought I was already friends with him."
Immediately, I got a FB message from him asking me how I was. I replied appropriately. I asked in turn. He said he was really excited.
That's weird. About what? I asked.
He told me he was excited about new mortgage rates or some other nonsense.
And that's when it became crystal clear that this was somebody masquerading as my relative. Sure enough, I was -- as I had previously suspected -- already FB friends of this person (the real one). The scammer had taken my relative's FB profile name and profile picture to masquerade as him, and then started sending invites to all of his FB friends.
Most people (all, I hope) saw right through the scam. And it's certainly one of the more benign ones to have happen to your profile. But still, an annoyance.