1075 matches found
Adobe Reader 10.1.4.38 Memory Corruption
!/usr/bin/perl Title : Adobe reader 10.1.4 memory corruption Version : 10.1.4.38 Date : 2012-10-21 Vendor : http://www.adobe.com/ Impact : High Contact : coolkaveh at rocketmail.com Twitter : @coolkaveh tested : XP SP3 ENG Author : coolkaveh Bug : ---- Memory corruption during the handling of the...
Adobe Reader and Acrobat Malformed JavaScript Heap Corruption (APSB12-01; CVE-2011-4371)
A heap corruption vulnerability has been reported in Adobe Reader and Acrobat...
More Details of Sykipot Exploits Of Adobe Reader Flaw Surface
More evidence is beginning to emerge that the Adobe Reader zero-day bug revealed recently is being used in targeted attacks against companies and federal agencies. Researchers recently have come across fresh samples of malware exploiting the vulnerability by using files crafted to draw in employe...
CVE-2011-2462
Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via unknown vectors, as exploited in...
CVE-2011-1353
Unspecified vulnerability in Adobe Reader 10.x before 10.1.1 on Windows allows local users to gain privileges via unknown vectors...
EUVD-2011-0614
The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via an image with crafted 1 height and 2 width values for an RLE8 compressed bitmap, which trigger...
CVE-2009-4324
Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild...
VulnCheck KEV: CVE-2009-4324
Use-after-free vulnerability in Adobe Acrobat and Reader allows remote attackers to execute code via a crafted PDF file...
CVE-2009-1862
Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via 1 a crafted Flash application in a .pdf file or 2...
Out-of-bounds
The Foxit JPEG2000/JBIG2 Decoder add-on before 2.0.2009.616 for Foxit Reader 3.0 before Build 1817 does not properly handle a negative value for the stream offset in a JPEG2000 aka JPX stream, which allows remote attackers to cause a denial of service memory corruption and application crash or...
Lunascape RSS reader arbitrary script execution vulnerability
Overview A vulnerability exists in the web browser Lunascape's RSS reader. An arbitrary script embedded in RSS feeds could be executed as the output of RSS information is not properly handled. Impact Arbitrary JavaScript could be executed within Lunascape's RSS reader. Solution None...
Foxit Reader 2.2 two potentially exploitable bugs
Hi all, I would like to post here some problems that i found in Foxit Reader 2.2 software. I sent to the company support two depthly detailed descriptions about these bugs with both pdfs causing them. The answer from the company was: "Hello. Both Foxit Reader and Adobe Reader cannot open the file...
CVE-2003-1410
PHP remote file inclusion vulnerability in email.php aka email.php3 in Cedric Email Reader 0.2 and 0.3 allows remote attackers to execute arbitrary PHP code via the cerskin parameter...
[Full-Disclosure] iDEFENSE Security Advisory 07.12.04: Adobe Reader 6.0 Filename Handler Buffer Overflow Vulnerability
Adobe Reader 6.0 Filename Handler Buffer Overflow Vulnerability iDEFENSE Security Advisory 07.12.04 www.idefense.com/application/poi/display?id=116&type=vulnerabilities July 12, 2004 I. BACKGROUND Adobe Reader is a program used to display Portable Document Format PDF documents. II. DESCRIPTION...
Cedric Email Reader 0.20.3 - Skin Configuration Script Remote File Inclusion
Cedric Email Reader 0.20.3 - Skin Configuration Script Remote File Inclusion source: https://www.securityfocus.com/bid/6818/info It has been reported that Cedric Email Reader is prone to an issue that may allow remote attackers to include malicious files located on remote servers. This issue is...