61 matches found
RLSA-2021:1881 Moderate: poppler and evince security, bug fix, and enhancement update
Poppler is a Portable Document Format PDF rendering library, used by applications such as Evince. The evince packages provide a simple multi-page document viewer for Portable Document Format PDF, PostScript PS, Encapsulated PostScript EPS files, and, with additional back-ends, also the Device...
UBUNTU-CVE-2021-28677
An issue was discovered in Pillow before 8.2.0. For EPS data, the readline implementation used in EPSImageFile has to deal with any combination of \r and \n as line endings. It used an accidentally quadratic method of accumulating lines while looking for a line ending. A malicious EPS file could...
CVE-2020-17422
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
Foxit Studio Photo 缓冲区错误漏洞
Foxit Studio Photo is a set of image editing software from the Chinese company Foxit Foxit. A remote code execution vulnerability exists in the handling of EPS files in Foxit Studio Photo 3.6.6.930 and earlier versions. The vulnerability stems from a lack of proper validation of user-supplied dat...
Microsoft Office Remote Code Execution (CVE-2017-0261)
A remote code execution vulnerability exists in Encapsulated PostScript EPS of Microsoft Office. The vulnerability is due to the way that Microsoft Office does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing ...
ALPINE-CVE-2020-16309
A buffer overflow vulnerability in lxm5700mprintpage in devices/gdevlxm.c of Artifex Software GhostScript v9.50 allows a remote attacker to cause a denial of service via a crafted eps file. This is fixed in v9.51...
ALPINE-CVE-2020-16304
A buffer overflow vulnerability in imagerendercolorthresh in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51...
UBUNTU-CVE-2020-16304
A buffer overflow vulnerability in imagerendercolorthresh in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51...
CVE-2020-8883
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit Studio Photo 3.6.6.916. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists with...
CVE-2019-13325
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.909. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
PT-2019-13261 · Foxit · Foxit Studio Photo
Name of the Vulnerable Software and Affected Versions: Foxit Studio Photo version 3.6.6.909 Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a malicious file. The...
SRC-2019-0062 : Adobe Photoshop CC ASCII85Decode filter Heap Buffer Overflow Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Photoshop CC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...
SRC-2019-0061 : Adobe Photoshop CC ASCII85Decode filter Heap Buffer Overflow Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Photoshop CC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...
SRC-2019-0063 : Adobe Photoshop CC image length Heap Buffer Overflow Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Photoshop CC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...
VulnCheck KEV: CVE-2013-4979
Buffer overflow in the gldll32.dll module in EPS Viewer 3.2 and earlier allows remote attackers to execute arbitrary code via a crafted EPS file...
VulnCheck KEV: CVE-2013-0808
Hangul Word Processor contains a buffer overflow vulnerability that can be exploited by an embedded EPS object contained in a malicious HWP document...
Microsoft Office Remote Code Execution Vulnerability (CNVD-2017-06561)
Microsoft Office is an office software suite of products developed by the U.S. company Microsoft Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. A remote code execution vulnerability exists in Microsoft Office. An attacker can exploit this vulnerabili...
Encapsulated PostScript (EPS) の脆弱性を利用した攻撃に対処するために団結する
本記事は、MSRC Team のブログ “Coming together to address Encapsulated PostScript EPS attacks” 2017 年 5 月 9 日 米国時間公開 を翻...
Microsoft Office EPS Remote Code Execution (CVE-2017-0262)
A remote code execution vulnerability exists in Encapsulated PostScript EPS of Microsoft Office. The vulnerability is due to the way that Microsoft Office does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing ...
Microsoft Office Multiple Remote Code Execution (CVE-2017-0261)
A remote code execution vulnerability exists in Encapsulated PostScript EPS of Microsoft Office. The vulnerability is due to the way that Microsoft Office does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing ...