102 matches found
SRC-2019-0061 : Adobe Photoshop CC ASCII85Decode filter Heap Buffer Overflow Remote Code Execution Vulnerability
Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Photoshop CC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exis...
The vulnerability of the Cisco IOS XE operating system’s IPsec driver and the Cisco Adaptive Security Appliance network interface card software allows a attacker to trigger a device reboot.
The vulnerability of the Cisco IOS XE operating system and Cisco Adaptive Security Appliance network interface software’s IPsec driver is related to errors in the processing of IPsec authentication header AH packets or encapsulated payload ESP packets. Exploiting this vulnerability can allow a...
Cisco IOS and IOS XE Software DHCP Version 4 Relay Reply Denial of Service Vulnerability
A vulnerability in the Cisco IOS Software and Cisco IOS XE Software function that restores encapsulated option 82 information in DHCP Version 4 DHCPv4 packets could allow an unauthenticated, remote attacker to cause an affected device to reload, resulting in a denial of service DoS condition. The...
VulnCheck KEV: CVE-2013-4979
Buffer overflow in the gldll32.dll module in EPS Viewer 3.2 and earlier allows remote attackers to execute arbitrary code via a crafted EPS file...
VulnCheck KEV: CVE-2013-0808
Hangul Word Processor contains a buffer overflow vulnerability that can be exploited by an embedded EPS object contained in a malicious HWP document...
Microsoft Office Remote Code Execution Vulnerability (CNVD-2017-06561)
Microsoft Office is an office software suite of products developed by the U.S. company Microsoft Microsoft. Commonly used components are Word, Excel, Access, Powerpoint, FrontPage and so on. A remote code execution vulnerability exists in Microsoft Office. An attacker can exploit this vulnerabili...
Encapsulated PostScript (EPS) の脆弱性を利用した攻撃に対処するために団結する
本記事は、MSRC Team のブログ “Coming together to address Encapsulated PostScript EPS attacks” 2017 年 5 月 9 日 米国時間公開 を翻...
Microsoft Office Multiple Remote Code Execution (CVE-2017-0261)
A remote code execution vulnerability exists in Encapsulated PostScript EPS of Microsoft Office. The vulnerability is due to the way that Microsoft Office does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing ...
Microsoft Office EPS Remote Code Execution (CVE-2017-0262)
A remote code execution vulnerability exists in Encapsulated PostScript EPS of Microsoft Office. The vulnerability is due to the way that Microsoft Office does not properly handle objects in memory while parsing specially crafted Office files. A remote attacker can exploit this issue by enticing ...
Coming together to address Encapsulated PostScript (EPS) attacks
Today’s security updates include three updates that exemplify how the security ecosystem can come together to help protect consumers and enterprises. We would like to thank FireEye and ESET for working with us. Customers that have the latest security updates installed are protected against the...
PT-2017-2152 · Microsoft · Office
Name of the Vulnerable Software and Affected Versions: Microsoft Office affected versions not specified Description: The issue is related to the improper handling of data in Microsoft Office, which can be exploited by a remote attacker to execute arbitrary code. The exploitation can occur when a...
Artifex Ghostscript Remote Command Execution Vulnerability
Artifex Ghostscript is an open source Postscript a page description language and programming language used in the electronics industry and desktop publishing parser from Artifex Software that displays Postscript files and prints them on non-Postscript printers. Postscript file. Artifex Ghostscrip...
kernel: Remotely triggerable recursion in GRE code leading to kernel crash
A flaw was found in the way the Linux kernel's networking subsystem handled offloaded packets with multiple layers of encapsulation in the GRO Generic Receive Offload code path. A remote attacker could use this flaw to trigger unbounded recursion in the kernel that could lead to stack corruption,...
The vulnerability of the Microsoft Office software package, which allows a hacker to execute arbitrary code.
The vulnerability of the Microsoft Office suite exists due to insufficient testing of input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially crafted EPS image...
PT-2015-1995
Name of the Vulnerable Software and Affected Versions Microsoft Office versions 2007 SP3 through 2013 RT SP1 Description A remote code execution issue exists due to insufficient input validation. Exploitation can allow a remote attacker to execute arbitrary code using a specially crafted EPS imag...
VulnCheck KEV: CVE-2015-2545
Microsoft Office allows remote attackers to execute arbitrary code via a crafted EPS image...
Network Tool 0.2 PHPNuke Addon Metacharacter Filtering Command Execution Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/3552/info Network Tool is a PHPNuke addon, written and maintained by Rick Fournier. It is designed to offer network features such as nmap, traceroute, and ping from a web interface. A problem with the package has been...
Microsoft IIS 4/5 SMTP Service Encapsulated SMTP Address Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5213/info Microsoft Exchange 5.5 and the SMTP Simple Mail Transfer Protocol service included with IIS Internet Information Services 4.0 and 5.0 are vulnerable to an encapsulated SMTP address vulnerability. The vulnerabili...
Adobe Illustrator CS4 14.0.0 - eps Universal Buffer Overflow (meta)
No description provided by source. require 'msf/core' class Metasploit3 Msf::Exploit::Remote Rank = GoodRanking include Msf::Exploit::FILEFORMAT def initializeinfo = superupdateinfoinfo, 'Name' = 'Adobe Illustrator CS4 v14.0.0', 'Description' = %q Adobe Illustrator CS4 V14.0.0 Encapsulated...
Adobe Illustrator CS4 14.0.0 - Encapsulated Postscript (.eps) Buffer Overflow Exploit
No description provided by source. ?php / Adobe Illustrator CS4 V14.0.0 Encapsulated Postscript .eps overlong DSC Comment Buffer Overflow Exploit by Nine:Situations:Group::pyrokinesis site: http://retrogod.altervista.org/ An overlong string as DSC comment more than 42000 bytes results in a direct...