Binary Vulnerability in Blue Mountain PDF Reader

Blue Mountain PDF Reader is a PDF reader. Blue Mountain PDF Reader has a binary vulnerability that can be exploited by attackers to cause a denial of service...

Binary Vulnerability in Blue Mountain PDF Reader (CNVD-2021-22940)

Blue Mountain PDF Reader is a PDF reader. Blue Mountain PDF Reader has a binary vulnerability that can be exploited by attackers to gain server control privileges...

Design/Logic Flaw

If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data. This vulnerability affects Firefox 85, Thunderbird 78.7, and Firefox ESR 78.7...

CVE-2021-23953

CVE-2021-23953 concerns an information-disclosure vulnerability in the PDF handling of Mozilla Firefox (before 85.0) and Thunderbird (before 78.7), plus Firefox ESR before 78.7. The issue arises when a user opens a specially crafted PDF, which could leak cross-origin data served as chunked data. ...

CVE-2021-23953

If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data. This vulnerability affects Firefox 85, Thunderbird 78.7, and Firefox ESR 78.7...

Extreme PDF Reader suffers from a denial of service vulnerability (CNVD-2021-17329)

Extreme PDF Reader is a simple, small, efficient and effective PDF reader developed by Beijing Haiteng Times Technology Co. Extreme PDF Reader has a denial-of-service vulnerability that can be exploited by attackers to cause the program to crash...

Array Out-of-Bounds Read Vulnerability in Extreme PDF Reader

Extreme PDF Reader is a simple, small, efficient and effective PDF reader developed by Beijing Haiteng Times Technology Co. Extreme PDF Reader has an array out-of-bounds reading vulnerability that can be exploited by attackers to cause the program to crash...

Extreme PDF Reader suffers from an array out-of-bounds read vulnerability (CNVD-2021-17327)

Extreme PDF Reader is a simple, small, efficient and effective PDF reader developed by Beijing Haiteng Times Technology Co. Extreme PDF Reader has an array out-of-bounds reading vulnerability that can be exploited by attackers to cause the program to crash...

Array Out-of-Bounds Write Vulnerability in Extreme PDF Reader

Extreme PDF Reader is a simple, small, efficient and effective PDF reader developed by Beijing Haiteng Times Technology Co. Extreme PDF Reader has an array out-of-bounds writing vulnerability that can be exploited by attackers to cause the program to crash...

Important: thunderbird

Issue Overview: The Mozilla Foundation Security Advisory describes these flaws as: During the plaintext phase of the STARTTLS connection setup, protocol commands could have been injected and evaluated within the encrypted session. CVE-2020-15685 When a HTTPS page was embedded in a HTTP page, and...

Oracle Linux 8 : thunderbird (ELSA-2021-0298)

The remote Oracle Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-0298 advisory. 78.7.0-1.0.1 - Replaced thunderbird-redhat-default-prefs.js with thunderbird-oracle-default-prefs.js 78.7.0-1 - Update to 78.7.0 Tenable has extracted...

Mozilla: Cross-origin information leakage via redirected PDF requests

The Mozilla Foundation Security Advisory describes this flaw as: If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data...

Information Disclosure

firefox is vulnerable to information disclosure. The vulnerability exists as the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data...

Mozilla: Cross-origin information leakage via redirected PDF requests

The Mozilla Foundation Security Advisory describes this flaw as: If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data...

Mozilla Thunderbird < 78.7

The version of Thunderbird installed on the remote Windows host is prior to 78.7. It is, therefore, affected by multiple vulnerabilities as referenced in the mfsa2021-05 advisory. - Mozilla developers Alexis Beingessner, Christian Holler, Andrew McCreight, Tyson Smith, Jon Coppeard, Andr Bargull,...

Oracle Linux 7 : firefox (ELSA-2021-0290)

The remote Oracle Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2021-0290 advisory. 78.7.0-2.0.1 - Remove upstream references Orabug: 30143292 - Update distribution for Oracle Linux Orabug: 30143292 - Add firefox-oracle-default-prefs.j...

CVE-2021-23953

The Mozilla Foundation Security Advisory describes this flaw as: If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data...

Security Vulnerabilities fixed in Thunderbird 78.7 — Mozilla

If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data. Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a...

Security Vulnerabilities fixed in Firefox ESR 78.7 — Mozilla

If a user clicked into a specifically crafted PDF, the PDF reader could be confused into leaking cross-origin information, when said information is served as chunked data. Using the new logical assignment operators in a JavaScript switch statement could have caused a type confusion, leading to a...

Design/Logic Flaw

The Portable Document Format PDF specification does not provide any information regarding the concrete procedure of how to validate signatures. Consequently, an Incremental Saving vulnerability exists in multiple products. When an attacker uses the Incremental Saving feature to add pages or...