CVE-2017-16942

In libsndfile 1.0.25 fixed in 1.0.26, a divide-by-zero error exists in the function wavw64readfmtchunk in wavw64.c, which may lead to DoS when playing a crafted audio file...

November Patch Tuesday: 53 Vulnerabilities and a Massive Adobe Update

This November Patch Tuesday is moderate in volume and severity. Microsoft released patches to address 53 unique vulnerabilities, with 25 focused on Remote Code Execution fixes. Windows OS receives 14 patches, while the lion's share is focused on Browsers, Microsoft Office, and Adobe. According to...

Adobe Patches Flash Player, 56 Bugs in Reader and Acrobat

Adobe kicked off today’s Patch Tuesday barrage with a monster update for Acrobat and Reader patching dozens of remote code execution vulnerabilities, along with the near-customary Flash Player update addressing a handful of critical flaws. None of the vulnerabilities patched today are under activ...

Adobe Acrobat and Reader Out-of-bounds Write (APSB17-36: CVE-2017-16416)

A out-of-bounds write vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an out of range pointer offset that is used to access sub-elements of an internal data structure. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted...

Adobe Acrobat and Reader Out-of-bounds Read (APSB17-36: CVE-2017-16404)

A Out-of-bounds Read vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to the computation that writes data past the end of the intended buffer. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code...

Adobe Acrobat and Reader Heap Overflow (APSB17-36: CVE-2017-16383)

A heap buffer overflow vulnerability exists in Adobe Reader. The vulnerability is due to an error in Adobe Reader while parsing a specially crafted file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file...

Adobe Acrobat and Reader Buffer Access with Incorrect Length Value (APSB17-36: CVE-2017-16381)

A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to the way of processing TIFF files embedded within XPS document. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted XPS document...

Adobe Acrobat and Reader Out-of-bounds Read (APSB17-36: CVE-2017-16418)

A out-of-bounds read vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an out of range pointer offset that is used to access internal data structure. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted XML/XPS file...

Adobe Acrobat and Reader Buffer Access with Incorrect Length Value (APSB17-36: CVE-2017-16392)

A buffer access with incorrect length value vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to a buffer access with incorrect length value in the JPEG processing module. A remote attacker could exploit this vulnerability by enticing a user to open a maliciously crafted...

Adobe Acrobat and Reader Out-of-bounds Write (APSB17-36: CVE-2017-16413)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing unintended memory in a specially crafted TIFF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted TIFF fil...

Adobe Acrobat and Reader Out-of-bounds Read (APSB17-36: CVE-2017-16401)

An Out-of-bounds Read vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to how the image conversion engine processes Enhanced Metafile Format EMF. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted EMF file with Adobe...

Adobe Acrobat and Reader Buffer Over-read (APSB17-36: CVE-2017-16365)

A buffer over-read vulnerability exists in Adobe Acrobat and Reader. A remote attacker can exploit this issue by enticing a target user to open a specially crafted PDF file. Successful exploitation would expose sensitive data from the target...

Adobe Acrobat and Reader Out-of-bounds Read (APSB17-36: CVE-2017-16417)

A out-of-bounds write vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an out of range pointer offset that is used to access internal data structure. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file. Successful...

Adobe Acrobat and Reader Out-of-bounds Read (APSB17-36: CVE-2017-16362)

A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted PDF file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...

Adobe Acrobat and Reader Buffer Access with Incorrect Length Value (APSB17-36: CVE-2017-16396)

An buffer overflow vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to a buffer access with incorrect length value in the TIFF processing module. A remote attacker could exploit this vulnerability by enticing a user to open a maliciously crafted TIFF document...

Adobe Acrobat and Reader Use After Free (APSB17-36: CVE-2017-16360)

A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file...

Adobe Acrobat and Reader Buffer Access with Incorrect Length Value (APSB17-36: CVE-2017-16385)

A buffer access vulnerability exists in Adobe Reader and Acrobat. The vulnerability is is caused by a buffer access with incorrect length value in TIFF parsing during XPS conversion. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted TIFF file...

Adobe Acrobat and Reader Out-of-bounds Read (APSB17-36: CVE-2017-16403)

An out-of-bounds read vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to computation that reads data that is past the end of the target buffer. A remote attacker could exploit this vulnerability by enticing a user to open a maliciously crafted EMF file...

Adobe Acrobat and Reader Untrusted Pointer Dereference (APSB17-36: CVE-2017-16364)

A memory access vulnerability exists in Adobe Acrobat and Reader. A remote attacker can exploit this issue by enticing a target user to open a specially crafted PDF file. Successful exploitation would expose sensitive data from the target...

Adobe Acrobat and Reader Buffer Over-read (APSB17-36: CVE-2017-16363)

A buffer over-read vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to a buffer over-read in the module that handles character codes. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file...