302 matches found
Foxit PhantomPDF Information Disclosure Vulnerability (CNVD-2020-62458)
PhantomPDF is a Chinese Foxit Foxit company for enterprise-level users of PDF document processing software. An information disclosure vulnerability exists in Foxit PhantomPDF's handling of U3D objects embedded in PDF files. The vulnerability stems from improper validation of user-supplied data. A...
The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to writing data beyond the buffer in memory, allowing attackers to execute arbitrary code.
The vulnerability of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 is related to data writing beyond the buffer limits in memory. Exploiting this vulnerability can...
Debian DLA-2112-1 : python-reportlab security update
It was found that ReportLab, a Python library to create PDF documents, did not properly parse color strings, allowing an attacker to execute arbitrary code through a crafted input document. For Debian 8 'Jessie', this problem has been fixed in version 3.1.8-3+deb8u2. We recommend that you upgrade...
Debian: Security Advisory (DLA-2112-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
[SECURITY] [DLA 2112-1] python-reportlab security update
Package : python-reportlab Version : 3.1.8-3+deb8u2 CVE ID : CVE-2019-17626 Debian Bug : 942763 It was found that ReportLab, a Python library to create PDF documents, did not properly parse color strings, allowing an attacker to execute arbitrary code through a crafted input document. For Debian ...
CentOS 6 : python-reportlab (RHSA-2020:0197)
The remote CentOS Linux 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0197 advisory. - ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color='...
CentOS 7 : python-reportlab (RHSA-2020:0195)
The remote CentOS Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0195 advisory. - ReportLab through 3.5.26 allows remote code execution because of toColorevalarg in colors.py, as demonstrated by a crafted XML document with 'span color='...
CentOS: Security Advisory for python-reportlab (CESA-2020:0195)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CentOS: Security Advisory for python-reportlab (CESA-2020:0197)
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Important: Red Hat Security Advisory: python-reportlab security update
An update for python-reportlab is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerabili...
Oracle Linux 7 : python-reportlab (ELSA-2020-0195)
The remote Oracle Linux 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-0195 advisory. 2.5-9.el77.1 - Do not eval strings passed to toColor - Resolves: 1788552 2.5-9 - Mass rebuild 2014-01-24 2.5-8 - Mass rebuild 2013-12-27 2.5-7 - Rebuilt for...
Oracle Linux 8 : python-reportlab (ELSA-2020-0201)
The remote Oracle Linux 8 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2020-0201 advisory. 3.4.0-6.el810.2 - Fix Requires for doc subpackage - Resolves: 1788556 3.4.0-6.el810.1 - Do not eval strings passed to toColor - Resolves: 1788555 Tenable has...
Foxit Reader Memory Misreference Vulnerability (CNVD-2020-04107)
Foxit Reader old name: Foxit PDF Reader is a set of software used to read PDF format files, by Fujian Foxit Software developed by Foxit Reader is a set of free to use the software, the operating system is mainly based on Microsoft Windows, and as long as there is a Win32 implementation of the...
Foxit Reader Memory Misreference Vulnerability (CNVD-2020-04097)
Foxit Reader old name: Foxit PDF Reader is a set of software used to read PDF format files, by Fujian Foxit Software developed by Foxit Reader is a set of free to use the software, the operating system is mainly based on Microsoft Windows, and as long as there is a Win32 implementation of the...
Fedora Update for pdfresurrect FEDORA-2019-b20614ff74
The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CVE-2019-16271
DTEN D5 and D7 before 1.3.2 devices allows remote attackers to read saved whiteboard image PDF documents via storage/emulated/0/Notes/PDF on TCP port 8080 without authentication...
[SECURITY] Fedora 29 Update: pdfbox-2.0.16-1.fc29
Apache PDFBox is an open source Java PDF library for working with PDF documents. This project allows creation of new PDF documents, manipulation of existing documents and the ability to extract content from documents. Apache PDFBox also includes several command line utilities. Apache PDFBox is...
Fedora Update for pdfresurrect FEDORA-2019-e01bc28777
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
CentOS 7 : ghostscript (CESA-2019:2281)
An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
Adobe Acrobat and Reader Buffer Overflow Vulnerability (CNVD-2019-29261)
Adobe Acrobat and Reader are the United States Odo than Adobe company's products. Adobe Acrobat is a set of PDF file editing and conversion tools. Reader is a set of PDF document reading software. Adobe Acrobat and Reader has a buffer overflow vulnerability, an attacker can use the vulnerability ...