6686 matches found
Microsoft Edge EmitAssignment Memory Corruption
A memory corruption vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engine renders when handling objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page...
Microsoft Edge Scripting Engine Memory Corruption (CVE-2017-8646)
A remote code execution vulnerability exists in Microsoft Edge. The vulnerability is due to the way JavaScript engines render content when handling objects in memory. A remote attacker could exploit these vulnerabilities by enticing the target user to open a specially crafted web page, potentiall...
Lexmark LibISYSpdf Image Rendering DCTStream::getBlock() Code Execution Vulnerability
Summary An exploitable code execution vulnerability exists in the image rendering functionality of Lexmark Perceptive Document Filters 11.3.0.2400. A specifically crafted PDF can cause a function call on a corrupted DCTStream to occur, resulting in user controlled data being written to the stack....
The vulnerability in the JavaScript kernel of Microsoft Edge allows a hacker to execute arbitrary code.
The vulnerability in the Microsoft Edge JavaScript kernel is caused by an operation going beyond the buffer boundaries in memory memory corruption due to a script error. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, as a resul...
Vulnerability of object handlers in the memory of Internet Explorer and Microsoft Edge browsers, allowing attackers to execute arbitrary code
The vulnerability of object handlers in the memory of Internet Explorer and Microsoft Edge arises from the execution of operations beyond the buffer boundaries in memory memory corruption. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the curre...
The vulnerability in the JavaScript kernel of Microsoft Edge allows a hacker to execute arbitrary code.
The vulnerability in the Microsoft Edge JavaScript kernel is caused by an operation going beyond the buffer boundaries in memory memory corruption due to a script error. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, as a resul...
The vulnerability in the JavaScript kernel of Microsoft Edge allows a hacker to execute arbitrary code.
The vulnerability in the Microsoft Edge JavaScript kernel is caused by an operation going beyond the buffer boundaries in memory memory corruption due to a script error. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, as a resul...
The vulnerability in the JavaScript kernel of Microsoft Edge allows a hacker to execute arbitrary code.
The vulnerability in the Microsoft Edge JavaScript kernel is caused by an operation going beyond the buffer boundaries in memory memory corruption due to a script error. Exploiting this vulnerability allows a malicious actor to execute arbitrary code in the context of the current user, as a resul...
Mozilla: Buffer overflow while painting non-displayable SVG (MFSA 2017-19)
A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...
USN-3398-1: graphite2 vulnerabilities
Holger Fuhrmannek and Tyson Smith discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially-crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or...
Adobe Acrobat and Reader XFA Remote Code Execution Vulnerability
Adobe Acrobat and Reader are the United States of America Audobee Adobe company's products. The former is a set of PDF document editing and conversion tools, the latter is a set of PDF document reading software. XFA is one of the form processing module. Adobe Acrobat and Reader in the XFA renderi...
CVE-2017-11219
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA rendering engine. Successful exploitation could lead to arbitrary code execution...
CVE-2017-11231
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in Acrobat/Reader rendering engine. Successful exploitation could lead to arbitrary code execution...
CVE-2017-11219
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA rendering engine. Successful exploitation could lead to arbitrary code execution...
Double free
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable use after free vulnerability in the XFA rendering engine. Successful exploitation could lead to arbitrary code execution...
CVE-2017-11219
Adobe Acrobat Reader 2017.x and earlier (versions listed in CVE-2017-11219 entry: 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier) contains an exploitable use-after-free in the XFA rendering engine. Successful exploitation could lead to ...
Fedora 24 : webkitgtk4 (2017-9d572cc64a)
This update addresses the following vulnerabilities : - CVE-2017-7018, CVE-2017-7030, CVE-2017-7034, CVE-2017-7037, CVE-2017-7039, CVE-2017-7046, CVE-2017-7048, CVE-2017-7055, CVE-2017-7056, CVE-2017-7061, CVE-2017-7064 Additional fixes : - Fix rendering of spin buttons with GTK+ = 3.20 when the...
Mozilla: Buffer overflow while painting non-displayable SVG (MFSA 2017-19)
A buffer overflow can occur when the image renderer attempts to paint non-displayable SVG elements. This results in a potentially exploitable crash. This vulnerability affects Thunderbird 52.3, Firefox ESR 52.3, and Firefox 55...
[SECURITY] Fedora 25 Update: php-horde-Horde-Form-2.0.18-1.fc25
The HordeForm package provides form rendering, validation, and other functionality for the Horde Application Framework...
[SECURITY] Fedora 26 Update: php-horde-Horde-Form-2.0.18-1.fc26
The HordeForm package provides form rendering, validation, and other functionality for the Horde Application Framework...