Lucene search
K

859 matches found

0day.today
0day.today
added 2020/06/16 12:0 a.m.133 views

Documalis Free PDF Editor Buffer Overflow Exploit

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Documalis Free PDF Editor', 'Description' = %qDocumalis Free PDF Editor is prone to a security vulnerability when open PDF files.When the...

0.6AI score
Exploits0
CNVD
CNVD
added 2020/06/05 12:0 a.m.7 views

Cloud Orange PDF Editor DLL Hijacking Vulnerability

Cloud Orange PDF Editor is a simple and easy to use PDF editing tool of Xunwu Cloud Orange Information Technology Co. Cloud Orange PDF Editor has a DLL hijacking vulnerability, which can be exploited by attackers to execute arbitrary code...

7.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/04/29 12:0 a.m.7 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to the use of a null pointer pointer, which allows attackers to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to the use of a null pointer. Exploiting these vulnerabilities can allow an attacker...

9.3CVSS7.8AI score0.03668EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2020/03/26 12:0 a.m.6 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, Adobe Acrobat 2015, and Adobe Acrobat Reader 2015 are related to memory usage after it is freed. This allows attackers to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow a...

9.3CVSS7.8AI score0.03637EPSS
Exploits0References3
CNVD
CNVD
added 2020/03/10 12:0 a.m.1 views

Foxit PDF Editor Personal Edition Installer has a dll Hijacking Vulnerability

Foxit PDF Editor is a pdf editor from Fujian Foxit Software Development Co., Ltd. that allows you to easily modify the content of a PDF document in a WYSIWYG manner for reliable and convenient editing without the need to understand PDF format knowledge. There is a dll hijacking vulnerability in t...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/03/05 12:0 a.m.2 views

Foxit PDF Editor Personal Edition Dll Hijacking Vulnerability

Foxit PDF Editor is a pdf editor from Fujian Foxit Software Development Co., Ltd. that allows you to easily modify the content of a PDF document in a WYSIWYG manner for reliable and convenient editing without the need to understand PDF format knowledge. Foxit PDF Editor Personal Edition has a Dll...

7.4AI score
Exploits0
CNVD
CNVD
added 2020/02/12 12:0 a.m.1 views

Extreme PDF Editor DLL Hijacking Vulnerability

Extreme PDF Editor a PDF editor. Extreme PDF Editor has a DLL hijacking vulnerability. An attacker can exploit this vulnerability to load a fake malicious dll file...

6.9AI score
Exploits0
CNVD
CNVD
added 2020/02/12 12:0 a.m.2 views

Foxit PDF Editor DLL Hijacking Vulnerability

Foxit PDF Editor is a PDF file editing software. Foxit PDF Editor has a DLL hijacking vulnerability. An attacker can exploit this vulnerability to load a fake malicious dll file...

6.9AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2020/02/11 12:0 a.m.6 views

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are related to an operation that allows data to be written beyond the buffer in memory, enabling attackers to disclose protected information.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, Adobe Acrobat Reader 2017, and Adobe Acrobat 2015 are due to an operation that goes beyond the buffer in memory. Exploiting these vulnerabilities...

7.8CVSS7.4AI score0.02893EPSS
Exploits0References3
CNVD
CNVD
added 2019/11/05 12:0 a.m.3 views

Investintech Able2Extract Professional Memory Corruption Vulnerability

Investintech Able2Extract Professional is a PDF document converter and editor from Investintech Canada. The product supports PDF document scanning, PDF editing and PDF viewing. Investintech Able2Extract Professional suffers from a memory corruption vulnerability that can be exploited by attackers...

8.8CVSS8AI score0.01955EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2019/10/16 12:0 a.m.6 views

The vulnerabilities of PDF viewing and editing programs like Adobe Acrobat Document Cloud and Adobe Acrobat Reader Document Cloud, as well as Adobe Acrobat 2017 and Adobe Acrobat Reader 2017, are related to memory usage after it is freed. This allows attackers to execute arbitrary code.

The vulnerabilities of PDF viewing and editing programs such as Adobe Acrobat Document Cloud, Adobe Acrobat Reader Document Cloud, Adobe Acrobat 2017, and Adobe Acrobat Reader 2017 are related to the use of memory after it is freed. Exploiting these vulnerabilities can allow an attacker to execut...

9.3CVSS6AI score0.09767EPSS
Exploits0References3
OSV
OSV
added 2019/10/11 12:15 a.m.4 views

CVE-2019-17497

Tracker PDF-XChange Editor before 8.0.330.0 has an NTLM SSO hash theft vulnerability using crafted FDF or XFDF files a related issue to CVE-2018-4993. For example, an NTLM hash is sent for a link to \192.168.0.2\C$\file.pdf without user interaction...

6.5CVSS6.9AI score0.06474EPSS
Exploits0References1
CNVD
CNVD
added 2019/10/10 12:0 a.m.2 views

Unspecified Vulnerability in Tracker Software PDF-XChange Editor

Tracker Software PDF-XChange Editor is a Canadian Tracker Software company's set of software for viewing, editing PDF format files. A security vulnerability exists in Tracker Software PDF-XChange Editor versions prior to 8.0.330.0, which can be exploited by an attacker to steal NTLM hashes and th...

6.5CVSS6.8AI score0.06474EPSS
Exploits0References1
OSV
OSV
added 2019/04/26 2:29 p.m.4 views

CVE-2019-11493

VeryPDF 4.1 has a Memory Overflow leading to Code Execution because pdfocx!CxImageTIF::operator in pdfocx.ocx used by pdfeditor.exe and pdfcmd.exe is mishandled...

7.8CVSS7.2AI score0.01431EPSS
Exploits1References1
CNVD
CNVD
added 2019/01/25 12:0 a.m.2 views

Denial of Service Vulnerability in Foxit Advanced PDF Editor 9 Enterprise Edition

Foxit Advanced PDF Editor is a PDF editor software from Fujian Foxit Software Development Co. Foxit Advanced PDF Editor 9 Enterprise Edition has a denial of service vulnerability that can be exploited by attackers to cause a denial of service...

6.7AI score
Exploits0
Microsoft Secure
Microsoft Secure
added 2018/07/26 1:0 p.m.28 views

Attack inception: Compromised supply chain within a supply chain poses new risks

A new software supply chain attack unearthed by Windows Defender Advanced Threat Protection Windows Defender ATP emerged as an unusual multi-tier case. Unknown attackers compromised the shared infrastructure in place between the vendor of a PDF editor application and one of its software vendor...

0.5AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2018/02/15 12:0 a.m.7 views

Vulnerability of Adobe software for viewing and editing PDF files, caused by an operation that goes beyond buffer boundaries in memory, allowing attackers to execute arbitrary code.

The vulnerability of Adobe’s software for viewing and editing PDF files arises from an operation that goes beyond the buffer in memory. Exploiting this vulnerability can allow a malicious actor to cause memory corruption and execute arbitrary code remotely...

10CVSS8.5AI score0.09086EPSS
Exploits0References4Affected Software2
Talos Blog
Talos Blog
added 2017/07/11 7:29 a.m.127 views

Vulnerability Spotlight: Iceni Infix PDF Editor Memory Corruption

Today, Talos is disclosing a vulnerability that has been identified in Iceni Infix PDF Editor that could lead to arbitrary code execution on affected hosts. This vulnerability manifests in a way that could be exploited if a user opens a specifically crafted PDF file that triggers this flaw. Talos...

6.8CVSS8.3AI score0.01215EPSS
Exploits2
BDU FSTEC
BDU FSTEC
added 2017/04/27 12:0 a.m.7 views

The vulnerabilities in programs for viewing and editing PDF files such as Adobe Reader, Adobe Acrobat, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud allow attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the DLL library of OCR plugins for programs that read and edit PDF files, such as Adobe Reader, Adobe Acrobat, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud, is related to security configuration errors. Exploiting this vulnerability can allow a malicious actor...

9.3CVSS7.4AI score0.02819EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2017/04/27 12:0 a.m.7 views

The vulnerabilities of programs for viewing and editing PDF files such as Adobe Reader, Adobe Acrobat, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud allow attackers to execute arbitrary code.

The vulnerability of JBIG2 parsing functions in programs for viewing and editing PDF files, such as Adobe Reader, Adobe Acrobat, Adobe Acrobat Document Cloud, and Adobe Reader Document Cloud, arises due to the execution of an operation outside the buffer in memory. Exploiting this vulnerability c...

9.3CVSS8.3AI score0.04173EPSS
Exploits0References3Affected Software2
Rows per page
Query Builder