798 matches found
Code injection
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading of browser related library extensions in the installer plugin. A successful exploitation could lead to arbitrary code execution...
Code injection
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading of editor control library functions in the installer plugin. A successful exploitation could lead to arbitrary code execution...
CVE-2017-3097
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading functions in the installer plugin. A successful exploitation could lead to arbitrary code execution...
CVE-2017-3090
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading of browser related library extensions in the installer plugin. A successful exploitation could lead to arbitrary code execution...
CVE-2017-3092
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading of editor control library functions in the installer plugin. A successful exploitation could lead to arbitrary code execution...
CVE-2017-3092
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading of editor control library functions in the installer plugin. A successful exploitation could lead to arbitrary code execution...
Code injection
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading functions in the installer plugin. A successful exploitation could lead to arbitrary code execution...
CVE-2017-3097
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading functions in the installer plugin. A successful exploitation could lead to arbitrary code execution...
CVE-2017-3092
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading of editor control library functions in the installer plugin. A successful exploitation could lead to arbitrary code execution...
CVE-2017-3090
CVE-2017-3090 affects Adobe Digital Editions 4.5.4 and earlier, due to insecure library loading in the installer plugin, enabling arbitrary code execution. Multiple Nessus entries for ADE (Windows/macOS) corroborate that versions prior to 4.5.5 are affected (APSB17-20). Remediation is to update t...
CVE-2017-3090
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading of browser related library extensions in the installer plugin. A successful exploitation could lead to arbitrary code execution...
CVE-2017-3097
Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading functions in the installer plugin. A successful exploitation could lead to arbitrary code execution...
CVE-2017-3097
Adobe Digital Editions 4.5.4 and earlier are vulnerable to an insecure library loading vulnerability in the installer plugin (CVE-2017-3097), which could allow arbitrary code execution. The issue is documented in the NVD entry for CVE-2017-3097 and is referenced by other APSB17-20 advisories noti...
Adobe Digital Editions < 4.5.5 Multiple Vulnerabilities (APSB17-20)
The version of Adobe Digital Editions installed on the remote Windows host is prior to 4.5.5. It is, therefore, affected by multiple vulnerabilities : - Multiple memory corruption issues exist due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit these...
Installer of Houkokusyo Sakusei Shien Tool provided by Ministry of the Environment may insecurely load Dynamic Link Libraries
Overview Installer of Houkokusyo Sakusei Shien Tool provided by Ministry of the Environment contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Eili Masami of Tachibana Lab. and BlackWingCat of Pink Flying Whale reported this vulnerability to...
Installer of SaAT Netizen may insecurely load Dynamic Link Libraries
Overview The installer of SaAT Netizen provided by NetMove Corporation contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries CWE-427. DigiGnome reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security...
openSUSE Security Update : java-1_7_0-openjdk (openSUSE-2017-629)
This update for java-170-openjdk fixes the following issues : - Update to 2.6.10 - OpenJDK 7u141 bsc1034849 - Security fixes - S8163520, CVE-2017-3509: Reuse cache entries - S8163528, CVE-2017-3511: Better library loading - S8165626, CVE-2017-3512: Improved window framing - S8167110, CVE-2017-351...
Installers of the screensavers provided by JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE may insecurely load Dynamic Link Libraries
Overview Installers of the screensavers provided by JAPAN AIR SELF DEFENSE FORCE, MINISTRY OF DEFENSE contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. Eili Masami of Tachibana Lab. reported this vulnerability to IPA. JPCERT/CC coordinated wit...
VMware Workstation 12.x < 12.5.6 Insecure Library Loading Privilege Escalation (VMSA-2017-0009) (Linux)
The version of VMware Workstation installed on the remote Linux host is 12.x prior to 12.5.6. It is, therefore, affected by a privilege escalation vulnerability in the ALSA sound driver due to insecurely loading shared libraries via the '.asoundrc' configuration file. A local attacker can exploit...
CVE-2017-4915
VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine...