NOS Microsystems getPlus ActiveX控件缓冲区溢出漏洞

CVE ID：CVE-2008-4817 NOS Microsystems getPlus是一款下载管理器控件。 NOS Microsystems getPlus控件处理安装文件时存在缓冲区溢出，远程攻击者可以利用漏洞以应用程序权限执行任意指令。 存在问题的控件为 getPlus gp.ocx 1.2.2.50，目前证实用于Adobe Reader 8.1的WEB安装使用此控件，要判断此版本控件是否安装，注册表编辑器可用于尝试浏览此注册表键值： HKEYCLASSESROOT\CLSID\CF40ACC5-E1BB-4aff-AC72-04C2F616BCA7...

adobe-printf.txt

Adobe Reader Javascript Printf Buffer Overflow Exploit =========================================================== Reference: http://www.coresecurity.com/content/adobe-reader-buffer-overflow CVE-2008-2992 Thanks to coresecurity for the technical background. 6Nov,2008: Exploit released by me...

Adobe Reader util.printf() JavaScript Function Stack Overflow Exploit

No description provided by source. Adobe Reader 'util.printf' JavaScript Function Stack Buffer Overflow Exploit author: Elazar http://sebug.net/paper/poc/2008-APSB08-19.pdf...

CVE-2008-4812

Array index error in Adobe Reader and Acrobat, and the Explorer extension aka AcroRd32Info, 8.1.2, 8.1.1, and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that triggers an out-of-bounds write, related to parsing of Type 1 fonts...

CVE-2008-4814

Unspecified vulnerability in a JavaScript method in Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allows remote attackers to execute arbitrary code via unknown vectors, related to an "input validation issue."...

CVE-2008-4816

Unspecified vulnerability in the Download Manager in Adobe Reader 8.1.2 and earlier on Windows allows remote attackers to change Internet Security options on a client machine via unknown vectors...

CVE-2008-4813

Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allow remote attackers to execute arbitrary code via a crafted PDF document that 1 performs unspecified actions on a Collab object that trigger memory corruption, related to a GetCosObj method; or 2 contains a malformed PDF object that...

Security feature bypass

Unspecified vulnerability in the Download Manager in Adobe Reader 8.1.2 and earlier on Windows allows remote attackers to change Internet Security options on a client machine via unknown vectors...

Input validation

Unspecified vulnerability in a JavaScript method in Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allows remote attackers to execute arbitrary code via unknown vectors, related to an "input validation issue."...

Out-of-bounds

Array index error in Adobe Reader and Acrobat, and the Explorer extension aka AcroRd32Info, 8.1.2, 8.1.1, and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that triggers an out-of-bounds write, related to parsing of Type 1 fonts...

CVE-2008-4813

Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allow remote attackers to execute arbitrary code via a crafted PDF document that 1 performs unspecified actions on a Collab object that trigger memory corruption, related to a GetCosObj method; or 2 contains a malformed PDF object that...

CVE-2008-4812

Array index error in Adobe Reader and Acrobat, and the Explorer extension aka AcroRd32Info, 8.1.2, 8.1.1, and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that triggers an out-of-bounds write, related to parsing of Type 1 fonts...

CVE-2008-4816

Unspecified vulnerability in the Download Manager in Adobe Reader 8.1.2 and earlier on Windows allows remote attackers to change Internet Security options on a client machine via unknown vectors...

CVE-2008-4812

Adobe Reader/Acrobat (AcroRd32Info)

CVE-2008-4814

Adobe Reader/Acrobat is affected by CVE-2008-4814, a vulnerability in a JavaScript method that could allow remote code execution. The issue affects Adobe Reader/Acrobat 8.1.2 and earlier, and versions before 7.1.1, due to an input validation issue. Public advisories describe potential remote code...

CVE-2008-4816

CVE-2008-4816 concerns the Download Manager in Adobe Reader 8.1.2 and earlier on Windows. The vulnerability is described as unspecified, enabling remote attackers to change Internet Security options on a client machine via unknown vectors. The connected documents confirm the affected product/vers...

Adobe Reader/Acrobat Multiple Vulnerabilities - Nov08 (Windows)

This host has Adobe Reader/Acrobat installed, which is/are prone to multiple vulnerabilities. OpenVAS Vulnerability Test $Id: gbadobeprdtsmultvulnnov08win.nasl 5370 2017-02-20 15:24:26Z cfi $ Adobe Reader/Acrobat Multiple Vulnerabilities - Nov08 Windows Authors: Chandan S Copyright: Copyright c...

Adobe Reader - util.printf() JavaScript Function Stack Overflow (1)

Adobe Reader - util.printf JavaScript Function Stack Overflow 1 Adobe Reader 'util.printf' JavaScript Function Stack Buffer Overflow Exploit author: Elazar https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/6994.pdf 2008-APSB08-19.pdf milw0rm.com 2008-11-05...

Adobe Reader - 'util.printf()' JavaScript Function Stack Overflow (2)

Adobe Reader Javascript Printf Buffer Overflow Exploit =========================================================== Reference: http://www.coresecurity.com/content/adobe-reader-buffer-overflow CVE-2008-2992 Thanks to coresecurity for the technical background. 6Nov,2008: Exploit released by me...

Adobe Reader - 'util.printf()' JavaScript Function Stack Overflow (1)

Adobe Reader 'util.printf' JavaScript Function Stack Buffer Overflow Exploit author: Elazar https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/6994.pdf 2008-APSB08-19.pdf milw0rm.com 2008-11-05...