Microsoft Windows PDF API Jpeg2000 csiz Remote Code Execution Vulnerability(CVE-2016-3319)

Description An exploitable out of bounds write vulnerability exists in the PDF parsing API in the latest versions of Microsoft Windows. A specially crafted PDF file can cause an out of bounds write resulting in arbitrary code execution. Vulnerability can be triggered via malicious web page or a...

FreeImage Library XMP Image Handling Code Execution Vulnerability(CVE-2016-5684)

Summary An exploitable out-of-bounds write vulnerability exists in the XMP image handling functionality of the FreeImage library. A specially crafted XMP file can cause an arbitrary memory overwrite resulting in code execution. An attacker can provide a malicious image to trigger this...

UBUNTU-CVE-2017-1000255

On Linux running on PowerPC hardware Power8 or later a user process can craft a signal frame and then do a sigreturn so that the kernel will take an exception interrupt, and use the r1 value from the signal frame as the kernel stack pointer. As part of the exception entry the content of the signa...

Oracle Outside In Technology PDF parser confusion Code Execution Vulnerability(CVE-2017-3271)

Summary An exploitable arbitrary write vulnerability exists in the PDF parser functionality of Oracle Outside In Technology SDK. A specially crafted PDF document can cause a parser confusion resulting in an arbitrary write vulnerability ultimately leading to code execution. Tested Versions Oracle...

Integer Underflow

ovs is vulnerable to integer underflows. The library does not properly check memory size in the ofputilpullqueuegetconfigreply10 function in lib\ofp-util.c, causing an integer underflow that can crash the application or overwrite memory...

FreeXL Fixes Two RCE Vulnerabilities

Researchers warned Monday of two remote code execution vulnerabilities in an open source C library that could let an attacker execute code with local user privileges. The library, FreeXL, was updated last week to fix the issues. It allows users to extract valid data from within an Excel .xls...

CVE-2017-8253

In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace...

CVE-2017-8253

In all Qualcomm products with Android releases from CAF using the Linux kernel, kernel memory can potentially be overwritten if an invalid master is sent from userspace...

Adobe Acrobat Reader DC AcroForm PDFDocEncoding Remote Code Execution Vulnerability

Summary An exploitable case of parser confusion can lead to invalid pointer arithmetic in part of code responsible for parsing AcroForm forms in the Adobe Acrobat Reader DC 2017.009.20044. A specially crafted PDF file can abuse this unchecked pointer arithmetic to access and overwrite arbitrary...

Integer overflow

An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To...

CVE-2017-2820

An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To...

CVE-2017-2820

An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To...

CVE-2017-2820

CVE-2017-2820 affects freedesktop.org Poppler 0.53.0, where the JPEG 2000 image parsing code is vulnerable to an exploitable integer overflow. A crafted PDF can trigger an out-of-bounds heap memory overwrite, potentially leading to arbitrary code execution when opened in an application using Popp...

CVE-2017-2820

An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To...

Poppler PDF library JPEG 2000 levels Code Execution Vulnerability

Summary An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code...

CVE-2017-2820

An exploitable integer overflow vulnerability exists in the JPEG 2000 image parsing functionality of freedesktop.org Poppler 0.53.0. A specially crafted PDF file can lead to an integer overflow causing out of bounds memory overwrite on the heap resulting in potential arbitrary code execution. To...

PuTTY < 0.68 - ssh_agent_channel_data Integer Overflow Heap Corruption Vulnerability

Exploit for linux platform in category dos / poc Source: https://www.chiark.greenend.org.uk/sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html summary: Vulnerability: integer overflow permits memory overwrite by forwarded ssh-agent connections class: vulnerability: This is a security...

PuTTY ssh_agent_channel_data Integer Overflow

Source: https://www.chiark.greenend.org.uk/sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html summary: Vulnerability: integer overflow permits memory overwrite by forwarded ssh-agent connections class: vulnerability: This is a security vulnerability. difficulty: fun: Just needs tuits, and not...

PuTTY &lt; 0.68 - &#039;ssh_agent_channel_data&#039; Integer Overflow Heap Corruption

Source: https://www.chiark.greenend.org.uk/sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html summary: Vulnerability: integer overflow permits memory overwrite by forwarded ssh-agent connections class: vulnerability: This is a security vulnerability. difficulty: fun: Just needs tuits, and not...

PuTTY 0.68 - ssh_agent_channel_data Integer Overflow Heap Corruption

PuTTY 0.68 - sshagentchanneldata Integer Overflow Heap Corruption Source: https://www.chiark.greenend.org.uk/sgtatham/putty/wishlist/vuln-agent-fwd-overflow.html summary: Vulnerability: integer overflow permits memory overwrite by forwarded ssh-agent connections class: vulnerability: This is a...