147 matches found
UBUNTU-CVE-2022-2624
Heap buffer overflow in PDF in Google Chrome prior to 104.0.5112.79 allowed a remote attacker who convinced a user to engage in specific user interactions to potentially exploit heap corruption via a crafted PDF file...
DEBIAN-CVE-2022-1875
Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
UBUNTU-CVE-2022-1875
Inappropriate implementation in PDF in Google Chrome prior to 102.0.5005.61 allowed a remote attacker to leak cross-origin data via a crafted HTML page...
Adobe Acrobat和Adobe Reader 资源管理错误漏洞
Adobe Acrobat and Adobe Reader are the United States of America Odo than Adobe company's products. Adobe Acrobat is a set of PDF file editing and conversion tools. Adobe Reader is a set of PDF document reading software. Adobe Acrobat and Adobe Reader there are resource management error...
Stack overflow
Acrobat Reader DC versions 2021.005.20060 and earlier, 2020.004.30006 and earlier and 2017.011.30199 and earlier are affected by a stack overflow vulnerability due to insecure handling of a crafted PDF file, potentially resulting in memory corruption in the context of the current user. Exploitati...
CVE-2021-27046
A Memory Corruption vulnerability for PDF files in Autodesk Navisworks 2019, 2020, 2021, 2022 may lead to code execution through maliciously crafted DLL files...
CVE-2021-30786
A race condition was addressed with improved state handling. This issue is fixed in iOS 14.7, macOS Big Sur 11.5. Opening a maliciously crafted PDF file may lead to an unexpected application termination or arbitrary code execution...
June 29, 2021—KB5004760 (OS Builds 19041.1082, 19042.1082, and 19043.1082) Out-of-band
June 29, 2021—KB5004760 OS Builds 19041.1082, 19042.1082, and 19043.1082 Out-of-band 6/21/21 IMPORTANT This release includes the Flash Removal Package. Taking this update will remove Adobe Flash from the machine. For more information, see the Update on Adobe Flash Player End of Support. 4/13/21...
CVE-2021-31447
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.1.37576. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
ImageMagick: Command injection
Background A collection of tools and libraries for many image formats. Description A flaw in ImageMagick’s handling of password protected PDFs was discovered. Impact A remote attacker could entice a user to open a specially crafted PDF using ImageMagick possibly resulting in execution of arbitrar...
OSV-2018-245 Use-of-uninitialized-value in fz_keep_imp
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6837 Crash type: Use-of-uninitialized-value Crash state: fzkeepimp pdfcopypatterngstate pdfshowpattern...
Integer Overflow
Google Chrome is vulnerable to integer overflow. An attacker may perform out of bounds memory access via a crafted PDF file...
Cross site scripting
Adobe Illustrator version 24.2 and earlier is affected by an out-of-bounds write vulnerability when handling crafted PDF files. This could result in a write past the end of an allocated memory structure, potentially resulting in arbitrary code execution in the context of the current user. This...
Heap overflow
DaviewIndy 8.98.9 and earlier has a Heap-based overflow vulnerability, triggered when the user opens a malformed PDF file that is mishandled by Daview.exe. Attackers could exploit this and arbitrary code execution...
CVE-2020-10903
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
CVE-2020-10894
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
Design/Logic Flaw
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
CVE-2020-10894
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF 9.7.1.29511. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
Foxit PhantomPDF U3DBrowser U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Arbitrary Code Execution
cups is vulnerable to arbitrary code execution. The vulnerability exists in the handling of PDF files. An attacker could create a malicious PDF file that would cause CUPS to crash or potentially execute arbitrary code when printed...