CVE-2016-5184
PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles in CFFLFormFillter::KillFocusForAnnot, which allowed a remote attacker to potentially exploit heap corruption via crafted PDF files...
UBUNTU-CVE-2016-5183
A heap use after free in PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android allows a remote attacker to potentially exploit heap corruption via crafted PDF files...
UBUNTU-CVE-2016-5184
PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles in CFFLFormFillter::KillFocusForAnnot, which allowed a remote attacker to potentially exploit heap corruption via crafted PDF files...
CVE-2016-5183
A heap use after free in PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android allows a remote attacker to potentially exploit heap corruption via crafted PDF files...
Beware of New Celebrity Sex Tape (Scam) Leaked on Facebook!
If you came across a celebrity sex video on Facebook featuring Jessica Alba or any other celebrity, just avoid clicking it. Another Facebook scam is circulating across the social networking website that attempts to trick Facebook users into clicking on a link for a celebrity sex tape that instead...
chromium-browser: out of bounds write in pdfium
Heap buffer overflow during TIFF image parsing in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to potentially exploit heap corruption via a crafted PDF file...
chromium-browser: use after free in pdfium
A use after free in PDFium in Google Chrome prior to 55.0.2883.75 for Mac, Windows and Linux, and 55.0.2883.84 for Android allowed a remote attacker to perform an out of bounds memory read via a crafted PDF file...
chromium-browser: use after free in pdfium
A heap use after free in PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android allows a remote attacker to potentially exploit heap corruption via crafted PDF files...
chromium-browser: use after free in pdfium
PDFium in Google Chrome prior to 54.0.2840.59 for Windows, Mac, and Linux; 54.0.2840.85 for Android incorrectly handled object lifecycles in CFFLFormFillter::KillFocusForAnnot, which allowed a remote attacker to potentially exploit heap corruption via crafted PDF files...
openSUSE Security Update : ImageMagick (openSUSE-2016-757)
This update for ImageMagick fixes the following issues: This security issue was fixed: - CVE-2016-5118: Prevent code execution via popen (bsc#982178). This non-security issue was fixed: - Fix encoding of /Title in generated PDFs (bsc#867943). This update was imported from the SUSE:SLE-12:Update updat...
SUSE: Security Advisory for ImageMagick (SUSE-SU-2016:1570-1)
The remote host is missing an update for the...
DEBIAN-CVE-2016-2175
Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted PDF...
UBUNTU-CVE-2016-2175
Apache PDFBox before 1.8.12 and 2.x before 2.0.1 does not properly initialize the XML parsers, which allows context-dependent attackers to conduct XML External Entity (XXE) attacks via a crafted PDF...
Vulnerability of the Windows operating system, allowing a perpetrator to execute arbitrary code
A vulnerability in the Windows PDF library exists due to insufficient validation of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted PDF document...
Adobe Reader Out-Of-Bounds Indexing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Adobe Reader and Acrobat Memory Misreference Vulnerability (CNVD-2016-00270)
Adobe Reader is PDF document reading software. Acrobat is PDF document editing software. A memory misreference vulnerability exists in the way Adobe Reader and Acrobat process PDF documents, allowing remote attackers to exploit it by building malicious PDF files, inducing the user ...
Adobe Reader and Acrobat Memory Misreference Vulnerability (CNVD-2016-00269)
Adobe Reader is PDF document reading software. Acrobat is PDF document editing software. A memory misreference vulnerability exists in the way Adobe Reader and Acrobat process PDF documents, allowing remote attackers to exploit it by building malicious PDF files, inducing the user ...
Adobe Reader DC Global Javascript API Restriction Bypass Vulnerability
Adobe Reader is PDF document reading software. A security vulnerability exists in Adobe Reader's handling of constructed Global objects. By creating PDF documents with specific JS instructions, an attacker can exploit this vulnerability to execute arbitrary code in the context of the current...
Adobe Reader Graphics State Parameter Dictionary Double Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...
UBUNTU-CVE-2015-6758
The CPDFDocument::GetPage function in fpdfapi/fpdfparser/fpdfparserdocument.cpp in PDFium, as used in Google Chrome before 46.0.2490.71, does not properly perform a cast of a dictionary object, which allows remote attackers to cause a denial of service or possibly have unspecified other impact vi...