302 matches found
[SECURITY] Fedora 34 Update: pdfbox-2.0.24-1.fc34
Apache PDFBox is an open source Java PDF library for working with PDF documents. This project allows creation of new PDF documents, manipulation of existing documents and the ability to extract content from documents. Apache PDFBox also includes several command line utilities. Apache PDFBox is...
[SECURITY] Fedora 33 Update: pdfbox-2.0.24-1.fc33
Apache PDFBox is an open source Java PDF library for working with PDF documents. This project allows creation of new PDF documents, manipulation of existing documents and the ability to extract content from documents. Apache PDFBox also includes several command line utilities. Apache PDFBox is...
Researchers Demonstrate 2 New Hacks to Modify Certified PDF Documents
Cybersecurity researchers have disclosed two new attack techniques on certified PDF documents that could potentially enable an attacker to alter a document's visible content by displaying malicious content over the certified content without invalidating its signature. "The attack idea exploits the...
Microsoft Warns of Data Stealing Malware That Pretends to Be Ransomware
Microsoft on Thursday warned of a "massive email campaign" that's pushing a Java-based STRRAT malware to steal confidential data from infected systems while disguising itself as a ransomware infection. "This RAT is infamous for its ransomware-like behavior of appending the file name extension...
CVE-2021-31463
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2021-31468
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2021-31467
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader 10.1.3.37598. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
Foxit Reader U3D File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of U3D...
Foxit Reader U3D File Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling ...
[SECURITY] Fedora 33 Update: pdfbox-2.0.23-1.fc33
Apache PDFBox is an open source Java PDF library for working with PDF documents. This project allows creation of new PDF documents, manipulation of existing documents and the ability to extract content from documents. Apache PDFBox also includes several command line utilities. Apache PDFBox is...
[SECURITY] Fedora 32 Update: pdfbox-2.0.23-1.fc32
Apache PDFBox is an open source Java PDF library for working with PDF documents. This project allows creation of new PDF documents, manipulation of existing documents and the ability to extract content from documents. Apache PDFBox also includes several command line utilities. Apache PDFBox is...
Foxit PhantomPDF 缓冲区错误漏洞
Foxit PhantomPDF is China's Foxit Foxit company a PDF document reader. Foxit PhantomPDF suffers from an out-of-bounds write vulnerability when processing U3D objects in PDF files. The vulnerability stems from the program not properly validating user input. An attacker could exploit this...
CVE-2021-21057
Acrobat Reader DC versions versions 2020.013.20074 and earlier, 2020.001.30018 and earlier and 2017.011.30188 and earlier are affected by a null pointer dereference vulnerability when parsing a specially crafted PDF file. An unauthenticated attacker could leverage this vulnerability to achieve...
Security Bulletin: ViewONE is vulnerable to XXE attack when opening PDF documents
Summary ViewONE is vulnerable to XXE attack when opening PDF documents. Vulnerability Details CVEID: CVE-2018-1835 DESCRIPTION: IBM Daeja Virtual is vulnerable to a XML External Entity Injection XXE attack when processing XML data. A remote attacker could exploit this vulnerability to expose...
Virtuozzo 7 : ghostscript / ghostscript-cups / ghostscript-doc / etc (VZLSA-2019-3888)
An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fr...
Fedora: Security Advisory for pdfresurrect (FEDORA-2020-e9f9bb77a0)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
[SECURITY] Fedora 33 Update: pdfresurrect-0.21-1.fc33
PDFResurrect is a tool aimed at analyzing PDF documents. The PDF format allows for previous document changes to be retained in a more recent version of the document, thereby creating a running history of changes for the document. This tool attempts to extract all previous versions while also...
Debian DLA-2475-1 : pdfresurrect security update
Vulnerabilities have been discovered in pdfresurrect, a tool for analyzing and manipulating revisions to PDF documents. CVE-2019-14934 pdfloadpageskids in pdf.c doesn't validate a certain size value, which leads to a malloc failure and out-of-bounds write CVE-2020-20740 lack of header validation...
Foxit PhantomPDF Remote Code Execution Vulnerability (CNVD-2020-62464)
PhantomPDF is a Chinese Foxit Foxit company for enterprise-level users of PDF document processing software. A remote code execution vulnerability exists in Foxit PhantomPDF's handling of U3D objects embedded in PDF files. The vulnerability stems from a failure to properly validate the length of...