81 matches found
EUVD-2011-3412
Malware in sbrugna...
EUVD-2008-4219
Malware in sbrugna...
EUVD-2010-1828
Malware in sbrugna...
EUVD-2009-2814
Malware in sbrugna...
EUVD-2010-1853
Malware in sbrugna...
USN-7228-1 libreoffice vulnerabilities
Thomas Rinsma discovered that LibreOffice incorrectly handled paths when processing embedded font files. If a user or automated system were tricked into opening a specially crafted LibreOffice file, a remote attacker could possibly use this issue to create arbitrary files ending with ".ttf"...
CVE-2024-12425
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in The Document Foundation LibreOffice allows Absolute Path Traversal. An attacker can write to arbitrary locations, albeit suffixed with ".ttf", by supplying a file in a format that supports embedded font...
The vulnerability of the CoolType font processing framework in Acrobat Reader software, which is used for viewing and editing PDF files, allows a perpetrator to disclose protected information.
The vulnerability of the CoolType font processing framework in Acrobat Reader software, which is used for reading and editing PDF files, involves reading data beyond the allowed range in memory. Exploiting this vulnerability can allow an attacker to disclose protected information through a...
Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability
Talos Vulnerability Report TALOS-2023-1905 Adobe Acrobat Reader Font CPAL numColorRecords out-of-bounds read vulnerability February 15, 2024 CVE Number CVE-2024-20735 SUMMARY An out-of-bounds read vulnerability exists in the font file processing functionality of Adobe Acrobat Reader 2023.006.2038...
The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud, as well as Adobe Acrobat 2020 and Adobe Acrobat Reader 2020, relates to access to an uninitialized pointer, allowing attackers to execute arbitrary code.
The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2020, and Adobe Acrobat Reader 2020 is related to the access to an uninitialized pointer during the processing of embedded fonts. Exploiting this...
The vulnerability of the Windows operating system’s font library allows a hacker to execute arbitrary code.
The vulnerability of Windows font libraries is related to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted embedded font...
Microsoft DirectWrite AFDKO - Multiple Bugs in OpenType Font Handling Related to the _post_ Table
Microsoft DirectWrite AFDKO - Multiple Bugs in OpenType Font Handling Related to the post Table -----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library...
ttembed integer overflow vulnerability
ttembed is an embedded font program. A security vulnerability exists in the handling of input files in ttembed, which stems from the program failing to detect file boundaries. An attacker can exploit this vulnerability to corrupt an input file...
ttembed denial of service vulnerability
ttembed is an embedded font program. An input validation vulnerability exists in ttembed. An attacker could exploit this vulnerability to cause a denial of service with a specially crafted input file...
Microsoft Embedded OpenType Font Engine Information Disclosure Vulnerability
Microsoft Windows 7 and Windows Server 2008 are both products of Microsoft Corporation. The former is an operating system for personal computers and the latter is a server operating system. The Windows Embedded OpenType EOT font engine is one of the font engines. An information disclosure vulnerabilit...
CVE-2016-3396
Graphics Device Interface aka GDI or GDI+ in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, and 1607; Office 2007 SP3; Office 2010 SP2; Word Viewer; Skype for Business 2016; Lync...
The vulnerability of the Microsoft Office suite of programs, the Word Viewer program for reading doc files, the Windows operating system, Microsoft Lync and Skype for Business instant messaging programs, and the Live Meeting software used for web conferences allows a perpetrator to execute arbitrary code.
The vulnerability of the Windows font library in the Microsoft Office software suite, as well as programs like Word Viewer for reading DOC files, Windows operating systems, Microsoft Lync and Skype for Business instant messaging applications, and the Live Meeting web conference software, exists d...
CVE-2016-3304
The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2013 SP1, Lync 2010, Lync 2010 Attendee, and Live Meeting 2007 Console allows remote attackers to execute...
CVE-2016-3303
The Windows font library in Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Office 2007 SP3, Office 2010 SP2, Word Viewer, Skype for Business 2016, Lync 2013 SP1, Lync 2010, Lync 2010 Attendee, and Live Meeting 2007 Console allows remote attackers to execute...