Atlantis Word Processor document endnote reference code execution vulnerability

Summary An exploitable arbitrary write vulnerability exists in the Word document parser of the Atlantis word processor. A specially crafted document can prevent Atlas from adding elements to an array that is indexed by a loop. When reading from this array, the application will use an out-of-bound...

Atlantis Word Processor Word document paragraph property (0xD608) sprmTDefTable uninitialized length code execution vulnerability

Summary An exploitable uninitialized length vulnerability exists within the Word document-parser of the Atlantis Word Processor. A specially crafted document can cause Atlantis to skip initializing a value representing the number of columns of a table. Later, the application will use this as a...

Atlantis Word Processor JPEG length underflow code execution vulnerability

Summary An exploitable stack-based buffer overflow vulnerability exists in the JPEG parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted image embedded within a document can cause a length to be miscalculated and underflow. This length is then treated as unsigned and then used ...

PT-2018-16363 · Atlantis · Atlantis Word Processor

Name of the Vulnerable Software and Affected Versions: Atlantis Word Processor version 3.2.5.0 Description: A heap-based buffer overflow issue exists in the Windows enhanced metafile parser. It can be triggered by a specially crafted image embedded within a document, causing an undersized...

Atlantis Word Processor empty TTableRow TList code execution vulnerability

Summary An exploitable uninitialized pointer vulnerability exists in the Word document parser of the the Atlantis Word Processor. A specially crafted document can cause an array fetch to return an uninitialized pointer and then performs some arithmetic before writing a value to the result. Usage ...

Atlantis Word Processor Windows Enhanced Metafile Code Execution Vulnerability

Summary An exploitable heap-based buffer overflow vulnerability exists in the Windows enhanced metafile parser of Atlantis Word Processor, version 3.2.5.0. A specially crafted image embedded within a document can cause an undersized allocation, resulting in an overflow when the application tries ...

Samsung Galaxy S8 Arbitrary Code Execution Vulnerability

The Samsung Galaxy S8 is a smartphone released by the South Korean company Samsung Samsung. An arbitrary code execution vulnerability exists in the Samsung Galaxy S8, which stems from a failure to properly validate the length of user-submitted data before copying it into a buffer on a fixed-lengt...

CVE-2018-14318

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling ...

CVE-2018-14318

CVE-2018-14318 affects Samsung Galaxy S8 (G950FXXU1AQL5). The root cause is improper validation of the length of user-supplied data in IPCP header handling, leading to a stack-based buffer overflow on the baseband processor. This allows remote code execution with the attacker needing user interac...

CVE-2018-14318

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling ...

CVE-2018-14318

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling ...

Stack overflow

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling ...

CVE-2018-12169

CVE-2018-12169 is described in Lenovo PS/LEN advisory as part of Intel Boot Guard verification flaws. The platform sample firmware supplied by Intel, incorporated by Lenovo across multiple products, contains a logic error that may cause it to scan for and execute code in a region that should not ...

(Pwn2own) Samsung Galaxy S8 Shannon GPRS Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling of IPCP header...

openssl: bn_sqrx8x_internal carry bug on x86_64

There is a carry propagating bug in the x8664 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely...

[SECURITY] Fedora 27 Update: zsh-5.4.1-4.fc27

The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell the Korn shell, but includes many enhancements. Zsh supports command line editing, built-in spelling correction, programmable command completion, shell...

Speculative Execution Side Channel Variants 4 and 3a - US

Lenovo Security Advisory: LEN-22133 Potential Impact: Malicious code running locally may be able to observe contents of privileged memory or registers, circumventing expected privilege levels Severity: Medium Scope of Impact: Industry-wide CVE Identifier: CVE-2018-3639, CVE-2018-3640 Summary...

Samsung SmartThings Hub STH-ETH-250 video-core HTTP server buffer overflow vulnerability

Samsung SmartThings Hub STH-ETH-250 is a smart home management device from Samsung, South Korea. video-core HTTP server is one of the HTTP servers. A buffer overflow vulnerability exists in the credential processor of the video-core HTTP server of the Samsung SmartThings Hub STH-ETH-250 using...

[SECURITY] Fedora 28 Update: zsh-5.5.1-2.fc28

The zsh shell is a command interpreter usable as an interactive login shell and as a shell script command processor. Zsh resembles the ksh shell the Korn shell, but includes many enhancements. Zsh supports command line editing, built-in spelling correction, programmable command completion, shell...

UBUNTU-CVE-2016-7068

An issue has been found in PowerDNS before 3.4.11 and 4.0.2, and PowerDNS recursor before 3.7.4 and 4.0.4, allowing a remote, unauthenticated attacker to cause an abnormal CPU usage load on the PowerDNS server by sending crafted DNS queries, which might result in a partial denial of service if th...