2110 matches found
CVE-2018-3842
An exploitable use of an uninitialized pointer vulnerability exists in the JavaScript engine in Foxit PDF Reader version 9.0.1.1049. A specially crafted PDF document can lead to a dereference of an uninitialized pointer which, if under attacker control, can result in arbitrary code execution. An...
CVE-2018-3842
CVE-2018-3842 affects Foxit PDF Reader (and related Foxit PDF components) with an exploitable use of an uninitialized pointer in the JavaScript engine. A specially crafted PDF can lead to dereference of uninitialized memory, enabling arbitrary code execution when the user opens the file; attack s...
Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader
Overview Talos is disclosing five vulnerabilities in Foxit PDF Reader. Foxit PDF Reader is a popular free program for viewing, creating, and editing PDF documents. It is commonly used as an alternative to Adobe Acrobat Reader and has a widely used browser plugin available. Update to the current...
PT-2018-16236 · Foxit · Foxit Pdf Reader
Name of the Vulnerable Software and Affected Versions: Foxit PDF Reader version 9.0.1.1049 Description: The issue is related to an uninitialized pointer in the JavaScript engine. A specially crafted PDF document can cause a dereference of this pointer, potentially leading to arbitrary code...
OMRON CX-Supervisor SCS File Parsing Uninitialized Pointer Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of OMRON CX-Supervisor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing ...
CVE-2018-7515
In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities can be exploited when CX Supervisor indirectly calls an initialized pointer when parsing malformed packets...
CVE-2018-7515
In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities can be exploited when CX Supervisor indirectly calls an initialized pointer when parsing malformed packets...
Null pointer dereference
In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities can be exploited when CX Supervisor indirectly calls an initialized pointer when parsing malformed packets...
CVE-2018-7515
In Omron CX-Supervisor Versions 3.30 and prior, access of uninitialized pointer vulnerabilities can be exploited when CX Supervisor indirectly calls an initialized pointer when parsing malformed packets...
CVE-2018-7515
OMRON CX-Supervisor CVE-2018-7515 affects CX-Supervisor, versions 3.30 and earlier. The flaw is an uninitialized pointer that can be triggered during parsing of malformed SCS project files, allowing remote code execution under the process context. ZDI advisories confirm remote code execution via ...
CVE-2018-1000099
Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2...
CVE-2018-1000099
Teluu PJSIP version 2.7.1 and earlier contains a Access of Null/Uninitialized Pointer vulnerability in pjmedia SDP parsing that can result in Crash. This attack appear to be exploitable via Sending a specially crafted message. This vulnerability appears to have been fixed in 2.7.2...
CVE-2018-1000099
CVE-2018-1000099 affects Teluu PJSIP up to version 2.7.1, where a null/uninitialized pointer vulnerability in pjmedia SDP parsing can crash a system. Exploitation is tied to processing specially crafted SDP messages; the issue is stated to be fixed in PJSIP 2.7.2. Connected advisories reference D...
Omron CX-Supervisor (Update A)
1. EXECUTIVE SUMMARY CVSS v3 5.3 ATTENTION : Low skill level to exploit Vendor : Omron Equipment : CX-Supervisor Vulnerabilities : Stack-based Buffer Overflow, Use After Free, Access of Uninitialized Pointer, Double Free, Out-of-bounds Write, Untrusted Pointer Dereference, Heap-based Buffer...
USN-3581-3: Linux kernel (Raspberry Pi 2) vulnerabilities
Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2017-17712 ChunYu Wang discovered that a...
Ubuntu 14.04 LTS : Linux kernel (Xenial HWE) vulnerabilities (USN-3582-2)
The remote Ubuntu 14.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-3582-2 advisory. USN-3582-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enableme...
CVE-2017-14082
An uninitialized pointer information disclosure vulnerability in Trend Micro Mobile Security Enterprise versions 9.7 and below could allow an unauthenticated remote attacker to disclosure sensitive information on a vulnerable system...
CVE-2017-16377
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is due to a computation that accesses a pointer that has not been initialized in...
CVE-2017-16378
An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is due to a computation that accesses a pointer that has not been initialized; t...
Uninitialized Pointer Access Vulnerability in Multiple Adobe Products
Adobe Acrobat DC, etc. are the United States of America Auduby Adobe company's products. Acrobat DC is a desktop PDF solution; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF.Classic and Continuous are Acrobat DC and Acrobat Reader DC product download center provides...