1189 matches found
Foxit Reader XFA Page prePrint Event Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...
Foxit Reader FlateDecode Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within FlateDecode. A...
Foxit Reader Revision Number Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the object's revisi...
Foxit Reader XFA preOpen Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the...
Foxit PhantomPDF ListBox value Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Foxit PhantomPDF Signature field Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...
Foxit Reader Fields Format Action Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the handling of fields. A...
Adobe Flash AS2 actionCallMethod Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the actionCallMethod...
Adobe Flash MPEG-4 Memory Error Referencing Remote Code Execution Vulnerability (CNVD-2016-01525)
Adobe FlashPlayer is a multimedia program player. Adobe Flash has a security vulnerability in the MPEG-4 parsing that can force the reuse of a freed dangling pointer. An attacker can exploit this vulnerability to execute arbitrary code in the context of the current process...
Adobe Flash MPEG-4 Memory Error Referencing Remote Code Execution Vulnerability
Adobe FlashPlayer is a multimedia program player. Adobe Flash has a security vulnerability in the MPEG-4 parsing that can force the reuse of a freed dangling pointer. An attacker can exploit this vulnerability to execute arbitrary code in the context of the current process...
Adobe Flash MPEG-4 Memory Error Referencing Remote Code Execution Vulnerability (CNVD-2016-01524)
Adobe FlashPlayer is a multimedia program player. Adobe Flash has a security vulnerability in the MPEG-4 parsing that can force the reuse of a freed dangling pointer. An attacker can exploit this vulnerability to execute arbitrary code in the context of the current process...
Microsoft Windows 7 (x64) - afd.sys Dangling Pointer Privilege Escalation (MS14-040)
Microsoft Windows 7 x64 - afd.sys Dangling Pointer Privilege Escalation MS14-040 Exploit Title: MS14-040 - AFD.SYS Dangling Pointer Date: 2016-03-03 Exploit Author: Rick Larabee Vendor Homepage: www.microsoft.com Version: Windows 7, 64 bit Tested on: Win7 x64 afd.sys - 6.1.7601.17514 ntdll.dll -...
Microsoft Windows 7 (x64) - 'afd.sys' Dangling Pointer Privilege Escalation (MS14-040)
Exploit Title: MS14-040 - AFD.SYS Dangling Pointer Date: 2016-03-03 Exploit Author: Rick Larabee Vendor Homepage: www.microsoft.com Version: Windows 7, 64 bit Tested on: Win7 x64 afd.sys - 6.1.7601.17514 ntdll.dll - 6.1.7601.17514 CVE : CVE-2014-1767 Category: Local Privilege Escalation Reference...
Adobe Flash MPEG-4 Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within MPEG-4 parsing. A...
Adobe Flash MPEG Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Flash. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within MPEG-4 parsing. A...
The use of the Linux kernel in Use-After-Free(UAF)vulnerability to mention the right-vulnerability warning-the black bar safety net
Last month broke the CVE-2 0 1 6-0 7 2 8 (local mention the right loopholes so everyone's attention once again focused on the linux kernel security. And CVE-2 0 1 5-3 6 3 6, The CVE-2 0 1 5-7 3 1 2, The CVE-2 0 1 4-2 8 5 1, CVE-2 0 1 6-0 7 2 8 is a Use-After-Free(UAF types of vulnerabilities. We...
(0Day) SAP 3D Visual Enterprise Viewer SketchUp document Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SAP 3D Visual Enterprise Viewer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
Adobe Flash - Sound.loadPCMFromByteArray Dangling Pointer
Exploit for multiple platform in category dos / poc Source: https://code.google.com/p/google-security-research/issues/detail?id=698 There is a dangling pointer that can be read, but not written to in loadPCMFromByteArray. A minimal PoC is as follows: var s = new Sound; var b = new ByteArray; for...
Adobe Flash - Sound.loadPCMFromByteArray Dangling Pointer
Adobe Flash - Sound.loadPCMFromByteArray Dangling Pointer Source: https://code.google.com/p/google-security-research/issues/detail?id=698 There is a dangling pointer that can be read, but not written to in loadPCMFromByteArray. A minimal PoC is as follows: var s = new Sound; var b = new ByteArray...
Adobe Flash - Sound.loadPCMFromByteArray Dangling Pointer
Source: https://code.google.com/p/google-security-research/issues/detail?id=698 There is a dangling pointer that can be read, but not written to in loadPCMFromByteArray. A minimal PoC is as follows: var s = new Sound; var b = new ByteArray; for var i = 0; i 1600; i++ b.writeByte1; b.position = 0;...