CVE-2018-3982

CVE-2018-3982 is an exploitable arbitrary write vulnerability in the Atlantis Word Processor (Word Document parser). Cisco Talos reports that Atlantis Word Processor 3.0.2.3 and 3.0.2.5 can be induced to skip adding elements to a loop-indexed array, causing an out-of-bounds read of a pointer and,...

Vulnerability Spotlight: Multiple vulnerabilities in Atlantis Word Processor

Vulnerabilities discovered by Cory Duplantis of Cisco Talos. Overview Cisco Talos is disclosing several vulnerabilities discovered in Atlantis Word Processor. Atlantis Word Processor is a portable word processor that is also capable of converting any TXT, RTF, ODT, DOC, WRI, or DOCX document into...

Atlantis Word Processor document endnote reference code execution vulnerability

Summary An exploitable arbitrary write vulnerability exists in the Word document parser of the Atlantis word processor. A specially crafted document can prevent Atlas from adding elements to an array that is indexed by a loop. When reading from this array, the application will use an out-of-bound...

Arbitrary File Write via Archive Extraction (Zip Slip)

Overview System.IO.Compression.ZipFile provides classes that support the compression and decompression of streams using file system paths. Affected versions of this package are vulnerable to Arbitrary File Write via Archive Extraction Zip Slip. An attacker could write arbitrary files and...

PT-2018-1609 · Atlantis · Atlantis Word Processor

Name of the Vulnerable Software and Affected Versions: Atlantis Word Processor versions 3.0.2.3 through 3.0.2.5 Description: An exploitable arbitrary write vulnerability exists in the Word document parser of the Atlantis Word Processor. A specially crafted document can prevent the application fro...

CVE-2018-1002208

SharpZipLib before 1.0 RC1 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ dot dot slash in a Zip archive entry that is mishandled during extraction. This vulnerability is also known as 'Zip-Slip'...

Diffoscope may write to arbitrary locations due to an untrusted archive

diffoscope before 76 writes to arbitrary locations on disk based on the contents of an untrusted archive...

Multiple Vulnerabilities in Phusion Passenger SpawningKit

Phusion Passenger is an Apache module from Phusion Netherlands for deploying Ruby on Rails projects on Apache and Nginx web servers.SpawningKit is one of the components. A security vulnerability exists in SpawningKit in version 5.3.x of Phusion Passenger prior to 5.3.2. An attacker can exploit th...

Foxit Reader Arbitrary Code Execution Vulnerability (CNVD-2018-11854)

Foxit Reader is China's Foxit Foxit Software Corporation, a PDF document reader. A security vulnerability exists in the parsing of the U3D Texture Width framework in Foxit Reader version 9.0.0.29935, which stems from the program failing to properly validate the length of user-submitted data,...

SUSE SLES12 Security Update : kernel (SUSE-SU-2018:1001-1)

This update for the Linux Kernel 3.12.61-5292 fixes several issues. The following security issues were fixed : - CVE-2017-13166: An elevation of privilege vulnerability was fixed in the kernel v4l2 video driver. bsc1085447. - CVE-2018-1068: A flaw was found in the Linux kernels implementation of...

CVE-2015-9134

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, and SD 810, while processing QSEE Syscall 'qseemaccgeneccprivkey', untrusted pointer dereference occurs, which could result in arbitrary write...

Null pointer dereference

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, and SD 810, while processing QSEE Syscall 'qseemaccgeneccprivkey', untrusted pointer dereference occurs, which could result in arbitrary write...

CVE-2015-9134

In Android before 2018-04-05 or earlier security patch level on Qualcomm Snapdragon Mobile SD 410/12, SD 615/16/SD 415, and SD 810, while processing QSEE Syscall 'qseemaccgeneccprivkey', untrusted pointer dereference occurs, which could result in arbitrary write...

PYSEC-2018-83

diffoscope before 77 writes to arbitrary locations on disk based on the contents of an untrusted archive...

CVE-2018-3861

A specially crafted TIFF image processed via the application can lead to an out-of-bounds write, overwriting arbitrary data. An attacker can deliver a TIFF image to trigger this vulnerability and gain code execution...

CVE-2017-6282

NVIDIA Tegra kernel driver contains a vulnerability in NVMAP where an attacker has the ability to write an arbitrary value to an arbitrary location which may lead to an escalation of privileges. This issue is rated as high...

CVE-2017-6282

CVE-2017-6282 affects the NVIDIA Tegra kernel driver (NVMAP) where an attacker can write an arbitrary value to an arbitrary location, potentially causing privilege escalation. Documents confirm the vulnerability in the Tegra kernel driver and NVMAP component, with CVSS v3.0 scores (9.3 base, high...

Iolo System Shield AntiVirus and AntiSpyware Elevation of Privilege Vulnerability

Iolo System Shield AntiVirus and AntiSpyware is an antivirus program with anti-spyware features from Iolo Technolgies, USA. A security vulnerability exists in the amp.sys driver file in Iolo System Shield AntiVirus and AntiSpyware version 5.0.0.136, which originates from the program's failure to...

CVE-2018-5701

In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003...

Design/Logic Flaw

In Iolo System Shield AntiVirus and AntiSpyware 5.0.0.136, the amp.sys driver file contains an Arbitrary Write vulnerability due to not validating input values from IOCtl 0x00226003...