Adobe Photoshop 26.x < 26.9 Vulnerability (APSB25-108)

The version of Adobe Photoshop installed on the remote Windows host is prior to 26.9. It is, therefore, affected by a vulnerability as referenced in the apsb25-108 advisory. - Photoshop Desktop versions 26.8.1 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could resul...

SUSE CVE-2016-1100

Unspecified vulnerability in Adobe Flash Player 21.0.0.213 and earlier, as used in the Adobe Flash libraries in Microsoft Internet Explorer 10 and 11 and Microsoft Edge, has unknown impact and attack vectors, a different vulnerability than other CVEs listed in MS16-064...

Vulnerability fixed in Adobe After Effects

Adobe has fixed a vulnerability in After Effects. A malicious party could exploit the vulnerability to execute arbitrary code execute arbitrary code with the victim's privileges. The malicious party must entice the victim to open a rogue file to do so. Adobe has released updates to fix the...

Adobe Acrobat and Reader Heap Overflow (APSB19-41: CVE-2019-8046)

A buffer overflow vulnerability exists in Adobe Acrobat and Reader. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system or cause application crashes...

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of May 28, 2018

I ended up at an urgent care clinic earlier this week and found out I have strep throat. The doctor who examined me asked me what medicine I had taken prior to my visit to help alleviate my throat pain, to which I replied, “I took a multi-symptom liquid medicine because the pain was keeping me...

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of December 4, 2017

It snowed in Austin, Texas last night. It’s not a big deal for those of you who live in areas where you’re used to snow, but for those of us who are native Texans, it’s a big deal. Funny enough, I had scheduled a maintenance appointment for later today to make sure our heater is in working order...

Adobe ColdFusion 11 Update 10 - XML External Entity Injection

Adobe ColdFusion 11 Update 10 - XML External Entity Injection ''' ============================================= - Discovered by: Dawid Golunski - http://legalhackers.com - dawid at legalhackers.com - CVE-2016-4264 - APSB16-30 - Release date: 31.08.2016 - Severity: Critical...

Fake Payroll Confirmation Email Leads to Black Hole Exploit Kit

Criminal hackers launched an attack campaign earlier this week in which they sent a slew of emails purporting to come from the financial software developer Intuit. The emails contained links that led to sites hosting the Blackhole exploit kit in an apparent attempt to infect the machines of...

Researchers: Google Aurora Attackers Back in Business?

Just when you thought it was safe to go back in your e-mail…Researchers say a new round of targeted attacks appear to come from the same group responsible for attacks against Google and other top U.S. firms. Writing on the Symantec Security blog...