2451 matches found
Heap overflow
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF file ca...
CVE-2017-2818
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger th...
Heap overflow
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger th...
CVE-2017-2814
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted pdf can cause an image resizing after allocation has already occurred, resulting in heap corruption which can lead to code execution. An attacker controlled PDF file ca...
DEBIAN-CVE-2017-2818
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger th...
CVE-2017-2818
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger th...
CVE-2017-2818
An exploitable heap overflow vulnerability exists in the image rendering functionality of Poppler 0.53.0. A specifically crafted PDF can cause an overly large number of color components during image rendering, resulting in heap corruption. An attacker controlled PDF file can be used to trigger th...
Windows Explorer Denial of Service Vulnerability
An Denial Of Service vulnerability exists when Windows Explorer attempts to open a non-existent file. An attacker who successfully exploited this vulnerability could cause a denial of service. A attacker could exploit this vulnerability by hosting a specially crafted web site and convince a user ...
CVE-2017-6325
The Symantec Messaging Gateway can encounter a file inclusion vulnerability, which is a type of vulnerability that is most commonly found to affect web applications that rely on a scripting run time. This issue is caused when an application builds a path to executable code using an...
Malware Network Communication Provides Better Early Warning Signal
Research is expected to be unveiled today that challenges the industry’s current reliance on dynamic malware analysis as the best means of early detection of infections. Instead, researchers from the Georgia Institute of Technology, the IMDEA Software Institute and EURECOM posit that a better...
CVE-2017-8911
An integer underflow has been identified in the unicodetoutf8 function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker...
UBUNTU-CVE-2017-8911
An integer underflow has been identified in the unicodetoutf8 function in tnef 1.4.14. This might lead to invalid write operations, controlled by an attacker...
CVE-2016-9467
Nextcloud Server before 9.0.54 and 10.0.1 & ownCloud Server before 9.0.6 and 9.1.2 suffer from content spoofing in the files app. The location bar in the files app was not verifying the passed parameters. An attacker could craft an invalid link to a fake directory structure and use this to displa...
CVE-2017-6307
An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattrread. These might lead to invalid read and write operations, controlled by an attacker...
Type confusion
An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the fileaddmapiattrs function. These might lead to invalid read and write operations, controlled by an attacker...
UBUNTU-CVE-2017-6307
An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattrread. These might lead to invalid read and write operations, controlled by an attacker...
CVE-2017-6310
An issue was discovered in tnef before 1.4.13. Four type confusions have been identified in the fileaddmapiattrs function. These might lead to invalid read and write operations, controlled by an attacker...
CVE-2017-6307
An issue was discovered in tnef before 1.4.13. Two OOB Writes have been identified in src/mapiattr.c:mapiattrread. These might lead to invalid read and write operations, controlled by an attacker...
CVE-2017-6309
An issue was discovered in tnef before 1.4.13. Two type confusions have been identified in the parsefile function. These might lead to invalid read and write operations, controlled by an attacker...
Android Arbitrary class loading and instantiation in protobuf parcelable "javanano" compiler
The protobuf library includes the "javanano" compiler, commonly used in many Android applications due to its tiny resource footprint. The "javanano" compiler supports a variety of Android-specific compilation flags which can be used to modify the generated message classes. One such compilation fl...