979 matches found
CVE-2010-0505
CVE-2010-0505 is a heap-based buffer overflow in Apple’s ImageIO framework when parsing JPEG2000 (JP2) images, affecting Mac OS X pre-10.6.3. The flaw is tied to miscalculated values in the CGImageReadGetBytesAtOffset function, enabling remote code execution or a denial of service (application cr...
Foxit Reader Multiple Denial of Service Vulnerabilities (Jun 2009)
Foxit Reader is prone to multiple Denial of Service vulnerabilities. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Vulnerabilities and Attack Surface
From CERT Will Dormann Two recent US-CERT Vulnerability Notes cert.org describe similar issues in the Adobe Reader and Foxit Reader PDF viewing applications. The vulnerabilities, that both applications failed to properly handle JPEG2000 JPX data streams, were discovered as part of our Vulnerabili...
Memory corruption
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a fatal error during decoding of a JPEG2000 aka JPX header, which allows remote attackers to cause a denial of service memory corruption and application crash or possibly...
CVE-2009-0691
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a fatal error during decoding of a JPEG2000 aka JPX header, which allows remote attackers to cause a denial of service memory corruption and application crash or possibly...
CVE-2009-0690
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 aka JPX stream, which allows remote attackers to cause a denial of service memory corruption and application crash or...
Out-of-bounds
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 aka JPX stream, which allows remote attackers to cause a denial of service memory corruption and application crash or...
CVE-2009-0690
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 aka JPX stream, which allows remote attackers to cause a denial of service memory corruption and application crash or...
CVE-2009-0691
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a fatal error during decoding of a JPEG2000 aka JPX header, which allows remote attackers to cause a denial of service memory corruption and application crash or possibly...
CVE-2009-0690
The CVE-2009-0690 issue affects Foxit Reader's JPEG2000/JBIG Decoder add-on prior to 2.0.2009.616. A negative stream offset in a JPEG2000 (JPX) stream can trigger an out-of-bounds read, enabling a remote attacker to cause memory corruption, DoS, and potentially execute arbitrary code via a crafte...
CVE-2009-0691
CVE-2009-0691 affects Foxit Reader 3.0 before Build 1817 with the JPEG2000/JBIG Decoder add-on prior to version 2.0.2009.616. A fatal error in decoding a JPX header can be triggered by a crafted PDF to cause memory corruption and a crash (DoS) and may enable arbitrary code execution. The vulnerab...
Foxit Reader JPEG2000头解码内存破坏漏洞
Bugraq ID: 35443 CVE-2009-0691 CNCVE-20090691 Foxit Reader是一款设计用于PDF文件的应用程序。 Foxit Reader处理JPX JPEG2000流存在问题,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 Foxit Reader默认不能解码JPEG2000数据,安装了JPEG2000 / JBIG Decoder add-on的Foxit Reader受此漏洞影响。通过诱使用户打开恶意DPF文件,攻击者可执行任意代码或使PDF查看器崩溃。 Foxit Foxit Reader 3.0.2009 1301 Foxit Fox...
Foxit Reader JPEG2000 / JBIG Decoder Add-On < 2.0.2009.616 Multiple Vulnerabilities
The Foxit Reader application installed on the remote Windows host includes an optional JPEG2000 / JBIG Decoder add-on that is prior to version 2.0.2009.616. It is, therefore affected by multiple vulnerabilities : - A out-of-bounds read error exists in the add-on due to improper handling of a...
Foxit Reader contains multiple vulnerabilities in the processing of JPX data
Overview Foxit Reader contains multiple vulnerabilities that may allow an attacker to execute arbitrary code. Description Foxit Reader is software designed to view Portable Document Format PDF files. Foxit Reader contains multiple vulnerabilities in the handling of JPX JPEG2000 streams. These...
acroread: multiple security fixes in version 8.1.6 (APSB09-07)
Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PDF file...
CVE-2009-1861
Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted PDF file...
Adobe Reader contains multiple vulnerabilities in the processing of JPX data
Overview Adobe Reader and Acrobat contain multiple vulnerabilities that may allow an attacker to execute arbitrary code. Description Adobe Acrobat Reader is software designed to view Portable Document Format PDF files. Adobe also distributes the Adobe Acrobat Plug-In to allow users to view PDF...
Apple QuickTime multiple security vulnerabilities
Buffer overflows and memory corruptions on PICT, CRGN, FLC, PSD, AVI, Sorenson Video 3, JPEG2000 parsing...
ZDI-09-029: Apple QuickTime Jpeg2000 Marker Size Heap Overflow Vulnerability
ZDI-09-029: Apple QuickTime Jpeg2000 Marker Size Heap Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-029 June 2, 2009 -- CVE ID: CVE-2009-0957 -- Affected Vendors: Apple -- Affected Products: Apple Quicktime -- TippingPointTM IPS Customer Protection: TippingPoint IPS...
Apple QuickTime Jpeg2000 Marker Size Heap Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apple QuickTime. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists during the parsing of...