
2680 matches found

BDU FSTEC
added 2017/02/09 12:0 a.m. | 3 views

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, allow attackers to execute arbitrary code.

The vulnerability in the PDF viewing software Adobe Reader and Document Cloud and the PDF editing software Adobe Acrobat Document Cloud and Adobe Acrobat stems from an operation that goes beyond the bounds of a buffer in memory. Exploiting this vulnerability allows a malicious actor to...

CVSS 9.3 | AI score 8.1 | EPSS 0.03621
Exploits: 0 | References: 3 | Affected Software: 2

BDU FSTEC
added 2017/02/09 12:0 a.m. | 3 views

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, allow attackers to execute arbitrary code.

The vulnerability in the image conversion module of PDF viewer programs like Adobe Reader, Document Cloud, and PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat arises due to an operation that goes beyond the buffer in memory. Exploiting this vulnerability allows a maliciou...

CVSS 9.3 | AI score 8.1 | EPSS 0.07843
Exploits: 0 | References: 3 | Affected Software: 2

BDU FSTEC
added 2017/02/09 12:0 a.m. | 3 views

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, allow attackers to execute arbitrary code.

The vulnerability in PDF viewer programs such as Adobe Reader and Document Cloud, as well as in PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, arises due to an operation that goes beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to...

CVSS 9.3 | AI score 8.1 | EPSS 0.07207
Exploits: 0 | References: 3 | Affected Software: 2

BDU FSTEC
added 2017/02/09 12:0 a.m. | 4 views

The vulnerabilities of PDF viewer programs such as Adobe Reader and Document Cloud, as well as PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, allow attackers to execute arbitrary code.

The vulnerability in PDF viewer programs such as Adobe Reader and Document Cloud, as well as in PDF editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat, arises due to an operation that goes beyond the buffer in memory. Exploiting this vulnerability allows a malicious actor to...

CVSS 9.3 | AI score 8.1 | EPSS 0.0294
Exploits: 0 | References: 3 | Affected Software: 2

Packet Storm
added 2017/02/06 12:0 a.m. | 33 views

POSNIC 1.03 Shell Upload

0 echo "Return Code: " . $FILES"file""error" . ""; else $upload = $FILES"file""name"; $type = $FILES"file""type"; if fileexists"upload/" . $FILES"file""name" unlink$upload; $name = $FILES"file""name"; moveuploadedfile$FILES"file""tmpname", "upload/" . $name; //echo "Stored in: " . "upload/"...

AI score 7.4
Exploits: 0

Hacker One
added 2017/02/04 11:27 a.m. | 14 views

Gratipay: Content length restriction bypass can lead to DOS by reading large files on gip.rocks

Hello team, Introduction: Since you mentioned in the rules that all libraries listed on your GitHub repositories are in scope, I decided to take a look at http://gip.rocks. Problem: The application reads an image file, converts it into smaller formats, zips it and lets the users download the...

AI score 7
Exploits: 0

BDU FSTEC
added 2017/02/02 12:0 a.m. | 4 views

The vulnerability of the LibTIFF library, which allows a hacker to trigger a service failure

The vulnerability of the tiffsplit service in the LibTIFF library arises from an operation that goes beyond the buffer boundaries on the stack. Exploiting this vulnerability allows a malicious actor to cause a service failure using a specially crafted file...

CVSS 4.3 | AI score 6.9 | EPSS 0.03802
Exploits: 0 | References: 5 | Affected Software: 1

RedHat Linux
added 2017/02/01 10:3 a.m. | 4 views

libtiff: TIFFFlushData1 heap-buffer-overflow

tif_write.c in libtiff 4.0.6 has an issue in the error code path of TIFFFlushData1 that didn't reset the tif_rawcc and tif_rawcp members. Reported as MSVR 35095, aka "TIFFFlushData1 heap-buffer-overflow."...

CVSS 9.8 | AI score 5.9 | EPSS 0.03553
Exploits: 1 | References: 4

OSV
added 2017/01/20 3:59 p.m. | 2 views

ALPINE-CVE-2016-5317

Buffer overflow in the PixarLogDecode function in libtiff.so in libtiff 4.0.6 and earlier, as used in GNOME nautilus, allows attackers to cause a denial of service attack (crash) via a crafted TIFF file...

CVSS 6.5 | AI score 6.9 | EPSS 0.01962
Exploits: 0 | References: 1

OSV
added 2017/01/11 4:59 a.m. | 1 views

CVE-2017-2965

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to TIFF file parsing. Successful exploitation could lead to arbitrary code execution...

CVSS 7.8 | AI score 6 | EPSS 0.03216
Exploits: 0 | References: 4

OSV
added 2017/01/11 4:59 a.m. | 2 views

CVE-2017-2966

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable heap overflow vulnerability in the image conversion engine related to parsing malformed TIFF segments. Successful exploitation could lead to arbitrary code execution...

CVSS 7.8 | AI score 6 | EPSS 0.10554
Exploits: 0 | References: 4

OSV
added 2017/01/11 4:59 a.m. | 4 views

CVE-2017-2960

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to parsing of EXIF metadata. Successful exploitation could lead to arbitrary code execution...

CVSS 7.8 | AI score 6
Exploits: 0 | References: 4

OSV
added 2017/01/11 4:59 a.m. | 0 views

CVE-2017-2943

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability when processing tags in TIFF images. Successful exploitation could lead to arbitrary code execution...

CVSS 7.8 | AI score 6 | EPSS 0.02861
Exploits: 0 | References: 3

AlpineLinux
added 2017/01/11 4:40 a.m. | 3 views

CVE-2017-2954

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion module when handling malformed TIFF images. Successful exploitation could lead to arbitrary code execution...

CVSS 9.3 | AI score 8 | EPSS 0.0299
Exploits: 0 | References: 3

AlpineLinux
added 2017/01/11 4:40 a.m. | 3 views

CVE-2017-2965

Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the image conversion engine, related to TIFF file parsing. Successful exploitation could lead to arbitrary code execution...

CVSS 9.3 | AI score 8 | EPSS 0.03216
Exploits: 0 | References: 4

Gentoo Linux
added 2017/01/09 12:0 a.m. | 69 views

libTIFF: Multiple vulnerabilities

Background The TIFF library contains encoding and decoding routines for the Tag Image File Format. It is called by numerous programs, including GNOME and KDE applications, to interpret TIFF images. Description Multiple vulnerabilities have been discovered in libTIFF. Please review the CVE...

CVSS 9.8 | AI score 8.4 | EPSS 0.13722
Exploits: 16

RedhatCVE
added 2017/01/05 3:17 p.m. | 16 views

CVE-2016-10058

Memory leak in the ReadPSDLayers function in coders/psd.c in ImageMagick before 6.9.6-3 allows remote attackers to cause a denial of service (memory consumption) via a crafted image file...

CVSS 7.1 | AI score 5.1 | EPSS 0.01585
Exploits: 0 | References: 1

OSV
added 2017/01/05 2:59 a.m. | 31 views

CVE-2016-7168

Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress before 4.6.1 might allow remote attackers to inject arbitrary web script or HTML by tricking an administrator into uploading an image file that has a crafted filename...

CVSS 4.8 | AI score 5.6
Exploits: 0 | References: 9

NVD
added 2017/01/05 2:59 a.m. | 18 views

CVE-2016-7168

Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress before 4.6.1 might allow remote attackers to inject arbitrary web script or HTML by tricking an administrator into uploading an image file that has a crafted filename...

CVSS 4.8 | AI score 5.1 | EPSS 0.02842
Exploits: 0 | References: 9

UbuntuCve
added 2017/01/05 2:59 a.m. | 31 views

CVE-2016-7168

Cross-site scripting (XSS) vulnerability in the media_handle_upload function in wp-admin/includes/media.php in WordPress before 4.6.1 might allow remote attackers to inject arbitrary web script or HTML by tricking an administrator into uploading an image file that has a crafted filename...

CVSS 4.8 | AI score 6.8 | EPSS 0.02842
Exploits: 0 | References: 2