61 matches found
Coming together to address Encapsulated PostScript (EPS) attacks
Today’s security updates include three updates that exemplify how the security ecosystem can come together to help protect consumers and enterprises. We would like to thank FireEye and ESET for working with us. Customers that have the latest security updates installed are protected against the...
PT-2017-2152 · Microsoft · Office
Name of the Vulnerable Software and Affected Versions: Microsoft Office affected versions not specified Description: The issue is related to the improper handling of data in Microsoft Office, which can be exploited by a remote attacker to execute arbitrary code. The exploitation can occur when a...
Artifex Ghostscript Remote Command Execution Vulnerability
Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. Artifex Ghostscrip...
The vulnerability of the Microsoft Office software package, which allows a hacker to execute arbitrary code.
The vulnerability of the Microsoft Office suite exists due to insufficient testing of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted EPS image...
PT-2015-1995
Name of the Vulnerable Software and Affected Versions Microsoft Office versions 2007 SP3 through 2013 RT SP1 Description A remote code execution issue exists due to insufficient input validation. Exploitation can allow a remote attacker to execute arbitrary code using a specially crafted EPS imag...
VulnCheck KEV: CVE-2015-2545
Microsoft Office allows remote attackers to execute arbitrary code via a crafted EPS image...
Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript (.eps) Buffer Overflow Exploit
No description provided by source. ?php / Adobe Illustrator CS4 V14.0.0 Encapsulated Postscript .eps overlong DSC Comment Buffer Overflow Exploit by Nine:Situations:Group::pyrokinesis site: http://retrogod.altervista.org/ An overlong string as DSC comment more than 42000 bytes results in a direct...
Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (meta)
No description provided by source. require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::FILEFORMAT def initializeinfo = superupdateinfoinfo, 'Name' = 'Adobe Illustrator CS4 v14.0.0', 'Description' = %q Adobe Illustrator CS4 V14.0.0 Encapsulated...
DEBIAN-CVE-2012-6076
Inkscape before 0.48.4 reads .eps files from /tmp instead of the current directory, which might cause Inkspace to process unintended files, allow local users to obtain sensitive information, and possibly have other unspecified impacts...
Adobe Illustrator EPS File DSC Comment Buffer Overflow (CVE-2009-4195)
Adobe Illustrator software is a comprehensive vector graphics environment for creative professionals, including web and interactive designers and developers, multimedia producers, motion graphics and visual effects designers, animators, and video professionals. A buffer overflow vulnerability has...
Adobe Illustrator CS4 v14.0.0
Adobe Illustrator CS4 V14.0.0 Encapsulated Postscript .eps overlong DSC Comment Buffer Overflow Exploit This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Adobe Illustrator CS4 v14.0.0',...
Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (Metasploit)
require 'msf/core' class Metasploit3 'Adobe Illustrator CS4 v14.0.0', 'Description' = %q Adobe Illustrator CS4 V14.0.0 Encapsulated Postscript .eps overlong DSC Comment Buffer Overflow Exploit , 'License' = MSFLICENSE, 'Author' = 'dookie, original by Nine:Situations:Group::pyrokinesis' , 'Version...
Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (Metasploit)
Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow Metasploit require 'msf/core' class Metasploit3 'Adobe Illustrator CS4 v14.0.0', 'Description' = %q Adobe Illustrator CS4 V14.0.0 Encapsulated Postscript .eps overlong DSC Comment Buffer Overflow Exploit , 'License' = MSFLICENSE, 'Autho...
Adobe Illustrator CS4 v14.0.0 eps Universal Buffer Overflow (meta)
Exploit for unknown platform in category local exploits ================================================================== Adobe Illustrator CS4 v14.0.0 eps Universal Buffer Overflow meta ================================================================== Title: Adobe Illustrator CS4 v14.0.0 eps...
CVE-2009-4195
Buffer overflow in Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and earlier, and CS3 13.0.0 allows remote attackers to execute arbitrary code via a long DSC comment in an Encapsulated PostScript .eps file. NOTE: some of these details are obtained from third party information...
Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript '.eps' Local Buffer Overflow
?php / Adobe Illustrator CS4 V14.0.0 Encapsulated Postscript .eps overlong DSC Comment Buffer Overflow Exploit by Nine:Situations:Group::pyrokinesis site: http://retrogod.altervista.org/ An overlong string as DSC comment more than 42000 bytes results in a direct EIP overwrite. Exception is...
enscript: "epsf" special escape buffer overflows
Multiple buffer overflows in the 1 recognizeepsfile function src/psgen.c and 2 tildesubst function src/util.c in GNU enscript 1.6.1, and possibly earlier, might allow remote attackers to execute arbitrary code via an epsf escape sequence with a long filename...
USN-223-1: Inkscape vulnerability
Javier Fernández-Sanguino Peña discovered that Inkscape's ps2epsi.sh script, which converts PostScript files to Encapsulated PostScript format, creates a temporary file in an insecure way. A local attacker could exploit this with a symlink attack to create or overwrite arbitrary files with the...
CVE-2002-2047
The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript EPS file...
CVE-2002-2047
The file preview functionality in Sketch 0.6.12 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the filename of an encapsulated Postscript EPS file...