17 matches found
EUVD-2010-4025
Malware in sbrugna...
The vulnerabilities of Adobe Acrobat and Adobe Acrobat Document Cloud for PDF file editing, as well as Adobe Reader and Adobe Reader Document Cloud for PDF file viewing, allow attackers to gain access to protected information stored in the process memory.
The vulnerability of the loadFlashMovie function in PDF editing programs like Adobe Acrobat and Adobe Acrobat Document Cloud, as well as in PDF viewing programs like Adobe Reader and Adobe Reader Document Cloud, is related to deficiencies in access control mechanisms. Exploiting this vulnerabilit...
Adobe Flash Player "newfunction" Invalid Pointer Use
No description provided by source. $Id: adobeflashplayernewfunction.rb 10394 2010-09-20 08:06:27Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing...
Flash Movie Player 1.5 - File Magic Denial of Service Vulnerability
No description provided by source. Flash Movie Player v1.5 File Magic Crash http://www.eolsoft.com/ http://www.eolsoft.com/freeware/flashmovieplayer/ Author: Matthew Bergin Website: http://berginpentesting.com Date: August 25, 2010 Description: Flash Movie Player is a free stand-alone player for...
Adobe Flash ActionIf Integer Denial of Service Vulnerability
No description provided by source. Adobe Flash Integer Overflow Author: Matthew Bergin Date: June 15, 2010 Versions Affected: Flash10e.ocx v10.0.45.2 Flash10c.ocx v10.0.32.18 r32 Root Cause: ActionScript, ActionIf Affect: Denial-of-Service, possible Command Execution CVE: CVE-2010-3639 Desc: When...
Latest IE Zero-Day Flaw Tied to Nitro Hackers and Recent Java Zero-Day Exploits
Security experts are warning enterprise and consumer users to stay away from Internet Explorer until Microsoft issues a patch for a new zero-day vulnerability in the browser. Active exploits have been discovered in the wild and are being linked to Nitro, the same group of hackers from China who...
Adobe Flash - ActionIf Integer Denial of Service
Adobe Flash Integer Overflow Author: Matthew Bergin Date: June 15, 2010 Versions Affected: Flash10e.ocx v10.0.45.2 Flash10c.ocx v10.0.32.18 r32 Root Cause: ActionScript, "ActionIf" Affect: Denial-of-Service, possible Command Execution CVE: CVE-2010-3639 Desc: When Parsing an ActionIf ActionScript...
Security-Assessment.com Advisory: Oracle JRE - java.net.URLConnection class - Same-of-Origin (SOP) Policy Bypass
, , . .' '. ', . , '. , ., , / / / ==/ / / / / / / | Y Y / /| / /||| / / /.-. / /:wq x.0 '=.|w|.=' ='"=. presents.. Oracle JRE - java.net.URLConnection class – Same-of-Origin SOP Policy Bypass PDF: http://www.security-assessment.com/files/advisories/OracleJREjavaneturlconnectionSOPBypass.pdf CVE...
Hardcoded credentials
Opera before 10.63 allows remote attackers to cause a denial of service application crash via a Flash movie with a transparent Window Mode aka wmode property, which is not properly handled during navigation away from the containing HTML document...
CVE-2010-4049
Opera before 10.63 allows remote attackers to cause a denial of service application crash via a Flash movie with a transparent Window Mode aka wmode property, which is not properly handled during navigation away from the containing HTML document...
Oracle JRE - java.net.URLConnection class Same-of-Origin SOP Policy Bypass
Oracle JRE - java.net.URLConnection class Same-of-Origin SOP Policy Bypass Description Security-Assessment.com discovered that a Java Applet making use of java.net.URLConnection class can be used to bypass same-of-origin SOP policy and domain based security controls in modern browsers when...
Adobe Flash Player - 'newfunction' Invalid Pointer Use (Metasploit) (2)
$Id: adobeflashplayernewfunction.rb 10477 2010-09-25 11:59:02Z mc $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Flash Movie Player 1.5 - File Magic Denial of Service
Flash Movie Player 1.5 - File Magic Denial of Service Flash Movie Player v1.5 File Magic Crash http://www.eolsoft.com/ http://www.eolsoft.com/freeware/flashmovieplayer/ Author: Matthew Bergin Website: http://berginpentesting.com Date: August 25, 2010 Description: Flash Movie Player is a free...
Flash Movie Player 1.5 - File Magic Denial of Service
Flash Movie Player v1.5 File Magic Crash http://www.eolsoft.com/ http://www.eolsoft.com/freeware/flashmovieplayer/ Author: Matthew Bergin Website: http://berginpentesting.com Date: August 25, 2010 Description: Flash Movie Player is a free stand-alone player for ShockWave Flash SWF animations, bas...
Adobe Flash Player newfunction Invalid Pointer Use
$Id: adobeflashplayernewfunction.rb 9477 2010-06-10 20:55:17Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Adobe Flash Player "newfunction" Invalid Pointer Use
This module exploits a vulnerability in the DoABC tag handling within versions 9.x and 10.0 of Adobe Flash Player. Adobe Reader and Acrobat are also vulnerable, as are any other applications that may embed Flash player. Arbitrary code execution is achieved by embedding a specially crafted Flash...
Adobe Flash Player "newfunction" Invalid Pointer Use
This module exploits a vulnerability in the DoABC tag handling within versions 9.x and 10.0 of Adobe Flash Player. Adobe Reader and Acrobat are also vulnerable, as are any other applications that may embed Flash player. Arbitrary code execution is achieved by embedding a specially crafted Flash...