OSV-2024-1062 UNKNOWN WRITE in std::__1::recursive_mutex::lock

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=42538230 Crash type: UNKNOWN WRITE Crash state: std::1::recursivemutex::lock Catalog::getForm Page::getAnnots...

PT-2024-40572 · Git +1 · Poppler

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash type of UNKNOWN WRITE. The crash state involves the std:: 1::recursive mutex::lock function, and the call stack includes...

Adobe Acrobat Pro DC getAnnots Type Confusion Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Acrobat Pro DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

Adobe Reader Javascript API getAnnots method vulnerability

Added: 05/29/2009 CVE: CVE-2009-1492 BID: 34736 OSVDB: 54130 Background Adobe Reader is free software for viewing PDF documents. Problem A vulnerability in the Javascript API allows command execution when a user opens a PDF file which calls the getAnnots method with specially crafted arguments...

Adobe Reader Javascript API getAnnots method vulnerability

Added: 05/29/2009 CVE: CVE-2009-1492 BID: 34736 OSVDB: 54130 Background Adobe Reader is free software for viewing PDF documents. Problem A vulnerability in the Javascript API allows command execution when a user opens a PDF file which calls the getAnnots method with specially crafted arguments...

acroread: multiple vulnerabilities in Adobe Reader 8.1.4

The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service memory corruption or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code...

Adobe Reader 'getAnnots()' Javascript函数远程代码执行漏洞

BUGTRAQ ID: 34736 Adobe Reader是一款PDF文件解析程序。 Adobe Reader处理Javascript存在问题，远程攻击者可以利用漏洞以运行用户权限执行任意代码。 构建包含超长名的注解，在使用'getAnnots' Javascript函数解析时可触发缓冲区溢出，导致以运行Adobe Reader应用程序的安全上下文执行任意代码。 Adobe Acrobat Reader 8.1.4 Adobe Acrobat Reader 9.1 目前没有解决方案提供： http://www.adobe.com/ // //Exploit made by Arr1va...

Adobe Reader 8.1.4/9.1 - 'GetAnnots()' Remote Code Execution

// //Exploit made by Arr1val //Proved in adobe 9.1 and adobe 8.1.4 on linux // //Steps: //- create a pdf with an annotation a note i used an annotation with a very long AAAAA name, but that might be omitted //- attach the following script to the OpenAction of the pdf. // var memory; function...

Adobe Reader getAnnots Exploit

// //Exploit made by Arr1val //Proved in adobe 9.1 and adobe 8.1.4 on linux // //Steps: //- create a pdf with an annotation a note i used an annotation with a very long AAAAA name, but that might be omitted //- attach the following script to the OpenAction of the pdf. // var memory; function...