Lucene search
+L

979 matches found

CVE
CVE
added 2010/03/30 6:0 p.m.67 views

CVE-2010-0505

CVE-2010-0505 is a heap-based buffer overflow in Apple’s ImageIO framework when parsing JPEG2000 (JP2) images, affecting Mac OS X pre-10.6.3. The flaw is tied to miscalculated values in the CGImageReadGetBytesAtOffset function, enabling remote code execution or a denial of service (application cr...

6.8CVSS9.3AI score0.04196EPSS
Exploits1References4Affected Software2
OpenVAS
OpenVAS
added 2009/06/30 12:0 a.m.20 views

Foxit Reader Multiple Denial of Service Vulnerabilities (Jun 2009)

Foxit Reader is prone to multiple Denial of Service vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.3CVSS6.4AI score0.05679EPSS
Exploits1References5
ThreatPost
ThreatPost
added 2009/06/25 8:57 p.m.13 views

Vulnerabilities and Attack Surface

From CERT Will Dormann Two recent US-CERT Vulnerability Notes cert.org describe similar issues in the Adobe Reader and Foxit Reader PDF viewing applications. The vulnerabilities, that both applications failed to properly handle JPEG2000 JPX data streams, were discovered as part of our Vulnerabili...

1.5AI score
Exploits0References4
Prion
Prion
added 2009/06/23 9:30 p.m.22 views

Memory corruption

The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a fatal error during decoding of a JPEG2000 aka JPX header, which allows remote attackers to cause a denial of service memory corruption and application crash or possibly...

9.3CVSS8.7AI score0.05679EPSS
Exploits1References6Affected Software2
NVD
NVD
added 2009/06/23 9:30 p.m.25 views

CVE-2009-0691

The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a fatal error during decoding of a JPEG2000 aka JPX header, which allows remote attackers to cause a denial of service memory corruption and application crash or possibly...

9.3CVSS8AI score0.05679EPSS
Exploits1References6
NVD
NVD
added 2009/06/23 9:30 p.m.23 views

CVE-2009-0690

The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 aka JPX stream, which allows remote attackers to cause a denial of service memory corruption and application crash or...

9.3CVSS8AI score0.05679EPSS
Exploits0References6
Prion
Prion
added 2009/06/23 9:30 p.m.20 views

Out-of-bounds

The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 aka JPX stream, which allows remote attackers to cause a denial of service memory corruption and application crash or...

9.3CVSS8.7AI score0.05679EPSS
Exploits0References6Affected Software2
Cvelist
Cvelist
added 2009/06/23 9:21 p.m.27 views

CVE-2009-0690

The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 aka JPX stream, which allows remote attackers to cause a denial of service memory corruption and application crash or...

8AI score0.05679EPSS
Exploits0References6
Cvelist
Cvelist
added 2009/06/23 9:21 p.m.26 views

CVE-2009-0691

The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a fatal error during decoding of a JPEG2000 aka JPX header, which allows remote attackers to cause a denial of service memory corruption and application crash or possibly...

8AI score0.05679EPSS
Exploits1References6
CVE
CVE
added 2009/06/23 9:21 p.m.66 views

CVE-2009-0690

The CVE-2009-0690 issue affects Foxit Reader's JPEG2000/JBIG Decoder add-on prior to 2.0.2009.616. A negative stream offset in a JPEG2000 (JPX) stream can trigger an out-of-bounds read, enabling a remote attacker to cause memory corruption, DoS, and potentially execute arbitrary code via a crafte...

9.3CVSS8.2AI score0.05679EPSS
Exploits0References6Affected Software2
CVE
CVE
added 2009/06/23 9:21 p.m.66 views

CVE-2009-0691

CVE-2009-0691 affects Foxit Reader 3.0 before Build 1817 with the JPEG2000/JBIG Decoder add-on prior to version 2.0.2009.616. A fatal error in decoding a JPX header can be triggered by a crafted PDF to cause memory corruption and a crash (DoS) and may enable arbitrary code execution. The vulnerab...

9.3CVSS8.2AI score0.05679EPSS
Exploits1References6Affected Software2
seebug.org
seebug.org
added 2009/06/23 12:0 a.m.44 views

Foxit Reader JPEG2000头解码内存破坏漏洞

Bugraq ID: 35443 CVE-2009-0691 CNCVE-20090691 Foxit Reader是一款设计用于PDF文件的应用程序。 Foxit Reader处理JPX JPEG2000流存在问题,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 Foxit Reader默认不能解码JPEG2000数据,安装了JPEG2000 / JBIG Decoder add-on的Foxit Reader受此漏洞影响。通过诱使用户打开恶意DPF文件,攻击者可执行任意代码或使PDF查看器崩溃。 Foxit Foxit Reader 3.0.2009 1301 Foxit Fox...

9.3CVSS6.4AI score0.05679EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2009/06/22 12:0 a.m.85 views

Foxit Reader JPEG2000 / JBIG Decoder Add-On < 2.0.2009.616 Multiple Vulnerabilities

The Foxit Reader application installed on the remote Windows host includes an optional JPEG2000 / JBIG Decoder add-on that is prior to version 2.0.2009.616. It is, therefore affected by multiple vulnerabilities : - A out-of-bounds read error exists in the add-on due to improper handling of a...

9.3CVSS6.1AI score0.05679EPSS
Exploits1References4
CERT
CERT
added 2009/06/19 12:0 a.m.33 views

Foxit Reader contains multiple vulnerabilities in the processing of JPX data

Overview Foxit Reader contains multiple vulnerabilities that may allow an attacker to execute arbitrary code. Description Foxit Reader is software designed to view Portable Document Format PDF files. Foxit Reader contains multiple vulnerabilities in the handling of JPX JPEG2000 streams. These...

6.9AI score
Exploits0References3
RedHat Linux
RedHat Linux
added 2009/06/17 9:16 a.m.4 views

acroread: multiple security fixes in version 8.1.6 (APSB09-07)

Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PDF file...

9.3CVSS6.4AI score0.08601EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2009/06/11 3:30 p.m.28 views

CVE-2009-1861

Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PDF file...

9.3CVSS6.2AI score0.08601EPSS
Exploits0References1
CERT
CERT
added 2009/06/09 12:0 a.m.33 views

Adobe Reader contains multiple vulnerabilities in the processing of JPX data

Overview Adobe Reader and Acrobat contain multiple vulnerabilities that may allow an attacker to execute arbitrary code. Description Adobe Acrobat Reader is software designed to view Portable Document Format PDF files. Adobe also distributes the Adobe Acrobat Plug-In to allow users to view PDF...

9.3CVSS7.9AI score0.08601EPSS
Exploits0References1
securityvulns
securityvulns
added 2009/06/04 12:0 a.m.85 views

Apple QuickTime multiple security vulnerabilities

Buffer overflows and memory corruptions on PICT, CRGN, FLC, PSD, AVI, Sorenson Video 3, JPEG2000 parsing...

9.3CVSS4.3AI score0.08221EPSS
Exploits1References9Affected Software1
securityvulns
securityvulns
added 2009/06/02 12:0 a.m.50 views

ZDI-09-029: Apple QuickTime Jpeg2000 Marker Size Heap Overflow Vulnerability

ZDI-09-029: Apple QuickTime Jpeg2000 Marker Size Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-029 June 2, 2009 -- CVE ID: CVE-2009-0957 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointTM IPS Customer Protection: TippingPoint IPS...

9.3CVSS0.3AI score0.05691EPSS
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2009/06/02 12:0 a.m.22 views

Apple QuickTime Jpeg2000 Marker Size Heap Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists during the parsing of...

9.3CVSS5.1AI score0.05691EPSS
Exploits0References1
Rows per page
Query Builder