MiracleLinux 7 : texlive-2012-45.20130427_r30134.el7 (AXSA:2020-4564:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2020-4564:01 advisory. texlive: Buffer overflow in t1checkunusualcharstring function in writet1.c CVE-2018-17407 Tenable has extracted the preceding description block directly from...

EUVD-2020-23052

Malware in sbrugna...

icu security update

67.1-10 - ICU-22973 Fix buffer overflow by using CharString Resolves: RHEL-96664...

Adobe Reader 11.0.10 CoolType Out-Of-Bounds Read

Adobe Reader version 11.0.10 proof of concept exploit that demonstrates an out-of-bounds read found in 2015. ============================================================================================================================================= | Title : Adobe Reader 11.0.10 CoolType...

Adobe Reader CoolType Out-Of-Bounds Read

The Type1/CFF CharString interpreter code in the Adobe Reader CoolType.dll font library does not check if the input stream pointer has not gone beyond the end of the source buffer, which stores the state machine instructions. The Type1/CFF CharString interpreter code in the Adobe Reader...

K16380: FreeType vulnerabilities CVE-2014-9656 and CVE-2014-9659

Security Advisory Description CVE-2014-9656 The ttsbitdecoderloadimage function in sfnt/ttsbit.c in FreeType before 2.5.4 does not properly check for an integer overflow, which allows remote attackers to cause a denial of service out-of-bounds read or possibly have unspecified other impact via a...

Stack Consumption

xpdf is vulnerable to stack consumption. The vulnerability exists due to an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp function...

CVE-2020-35376

Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp function...

Design/Logic Flaw

Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp function...

CVE-2020-35376

Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp function...

CVE-2020-35376

Xpdf 4.02 allows stack consumption because of an incorrect subroutine reference in a Type 1C font charstring, related to the FoFiType1C::getOp function...

CVE-2020-35376

CVE-2020-35376 affects Xpdf 4.02, where FoFiType1C::getOp() misreferences a subroutine in a Type 1C font string, causing stack consumption. The Gentoo GLSA (GLSA-202405-18) recommends upgrading to Xpdf 4.04 or newer to fix the vulnerability. No exploitation details are provided in the connected d...

Adobe Acrobat Pro DC PostScript CharString Directory NULL Pointer Dereference Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processin...

Adobe Photoshop PostScript File Font Parsing Charstring store Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows attackers to execute arbitrary code on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of...

Adobe Photoshop PostScript File Font Parsing Charstring index Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Photoshop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Microsoft DirectWrite / AFDKO - Interpreter Stack Underflow in OpenType Font Handling Due to Missing CHKUFLOW

-----===== Background =====----- AFDKO Adobe Font Development Kit for OpenType is a set of tools for examining, modifying and building fonts. The core part of this toolset is a font handling library written in C, which provides interfaces for reading and writing Type 1, OpenType, TrueType to some...

Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

Adobe Acrobat Pro DC PostScript File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

Adobe Acrobat Pro DC Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...

SRC-2019-0058 : Adobe Photoshop CC Type 2 Font Charstring callothersubr Type Confusion Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Photoshop CC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...