Adobe Acrobat Reader WDAnnotEnumerator Javascript API Restrictions Bypass Vulnerability

This vulnerability allows remote attackers to bypass API restrictions on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within WDAnnotEnumerator...

Adobe Acrobat Reader DynamicAnnotStore enumerate Javascript API Restrictions Bypass Vulnerability

This vulnerability allows remote attackers to bypass API restrictions on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Google then exposed Microsoft Windows 8.1 did not fix the vulnerability-vulnerability warning-the black bar safety net

Recently Microsoft's Windows business head Terry Myerson criticized Google Android poor security, today Google once again exposed the Windows 8.1 did not fix the vulnerability, this means that, In be fix before the vulnerability could be exploited by hackers to. According to the description, the...

Threat Outbreak Alert RuleID14867: Email Messages Distributing Malicious Software on April 23, 2015

Medium Alert ID: 38509 First Published: 2015 April 23 17:13 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID14867 may contain the following files: Name | Si...

Adobe Reader JavaScript printSeps Function Heap Corruption (APSB10-28) - Ver2 (CVE-2010-4091)

Portable Document Format PDF is an open file format created by Adobe Systems. It is used for representing two-dimensional documents in a device and resolution independent fixed-layout document format. A heap corruption vulnerability exits in the way Adobe Acrobat and Reader handle specially craft...

Adobe Reader JPEG2000 Region of Interest Memory Corruption (APSB10-02) - Ver2 (CVE-2009-3955)

Portable Document Format PDF is an open file format created by Adobe Systems. A memory corruption vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to the way Adobe Reader and Acrobat parse a PDF file containing a malformed Jp2c stream of a JpxDecode encoded da...

Chrome, Firefox, Safari and IE – All Browsers Hacked at Pwn2Own Competition

The Annual Pwn2Own Hacking Competition 2015 held in Vancouver is over and participants from all over the world nabbed $557,500 in bug bounties for 21 critical bugs in top four web browsers as well as Windows OS, Adobe Reader and Adobe Flash. During the second and final day of this year’s hacking...

Adobe Reader Acrobat Denial of Service Vulnerability

Adobe Acrobat Reader is the United States Adobe developed a very popular and excellent PDF document reading software. A denial of service vulnerability exists in Adobe Reader Acrobat, which allows remote attackers to launch denial of service attacks via a carefully crafted PDF document...

Adobe Reader Out-of-bounds Vulnerability (Feb 2015) - Mac OS X

Adobe Reader is prone to unspecified Out-of-bounds error vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Reader Out-of-bounds Vulnerability (Feb 2015) - Windows

Adobe Reader is prone to unspecified Out-of-bounds error vulnerability. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2014-9161

CoolType.dll in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows, and 10.x through 10.1.13 and 11.x through 11.0.10 on OS X, allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a crafted PDF document...

Threat Outbreak Alert RuleID13340: Email Messages Distributing Malicious Software on January 29, 2015

Medium Alert ID: 37233 First Published: 2015 January 29 21:20 GMT Version: 1 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID13340 may contain the following files: Name |...

Adobe Reader and Acrobat Information Disclosure (APSB14-28: CVE-2014-8452)

An Information Disclosure vulnerability has been reported in Adobe Reader. The vulnerability is due to an improper handling of XML external entities. A remote attacker can exploit this issue by enticing a victim to open a specially crafted PDF file...

Adobe Reader Javascript API Information Disclosure (APSB14-28: CVE-2014-8451)

An Information Disclosure vulnerability has been reported in Adobe Reader. The vulnerability is due to an improper implementation of a Javascript API. A remote attacker can exploit this issue by enticing a victim to open a specially crafted PDF file...

Adobe Acrobat and Reader Buffer Overflow (APSB14-28: CVE-2014-8457)

A buffer overflow vulnerability has been reported in Adobe Reader and Acrobat. The vulnerability is due to incorrect memory buffer allocation while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

Adobe Reader Memory Corruption (APSB14-28: CVE-2014-8460) - ver 2

Adobe Reader is vulnerable to a buffer overflow while parsing the font data. The access violation occurs because the number of subroutines for the embedded font is larger than the size of the subroutine array which leads to a crash...

Adobe-Reader-PDF-LibTiff

Title: Adobe PDF LibTiff Integer Overflow Code Execution. Product: Adobe Acrobat Reader Version: 8.3.0, 9.3.0 CVE: 2010-0188 import sys import base64 import struct import zlib import StringIO SHELLCODEOFFSET=0x555 TIFFOFSET=0x2038 windows/exec - 227 bytes http://www.metasploit.com Encoder:...

Adobe-Acrobat-and-Reader

Title: Adobe Acrobat and Reader "pushstring" Memory Corruption Version: Adobe Reader 9.3.2 Analysis: http://www.abysssec.com import sys class PDF: def initself: self.xrefs = self.eol = '\x0a' self.content = '' self.xrefsoffset = 0 def headerself: self.content += '%PDF-1.6' + self.eol def objself,...

Adobe Reader Javascript API Information Disclosure (APSB14-28: CVE-2014-8448)

An information disclosure vulnerability has been reported in Adobe Reader. The vulnerability is due to an error in the way Adobe Reader handles specially crafted PDF files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted PDF file...

Upatre Downloader Spreading Dyreza Banking Trojan

The Upatre downloader is the vehicle that has driven numerous banking Trojan and ransomware attacks to the front door of countless victims at great cost. Microsoft on Thursday warned of a wire-transfer spam campaign that it’s spotted that is spreading Upatre and eventually loading the dangerous...