65 matches found
ghostscript: shading_param incomplete type checking (699660)
It was discovered that the ghostscript .shfill operator did not properly validate certain types. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted PostScript docume...
CVE-2018-14295
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF Phantom PDF 9.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...
Foxit Reader Arbitrary Code Execution Vulnerability (CNVD-2018-10216)
Foxit Reader is China's Foxit Foxit Software Corporation, a PDF document reader. A security vulnerability exists in the parsing of U3D Shading objects in Foxit Reader version 9.0.0.29935, which is caused by the program failing to properly validate user-submitted data. The vulnerability can be...
CVE-2018-10474
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Design/Logic Flaw
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
CVE-2018-10474
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...
Foxit Reader U3D Shading Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D...
Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace
Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace Related to issue 1490 . When parsing ShadingPatterns; according to the specification they shouldn't be permitted to have a pattern colorspace as their base colorspace, but this is not validated, leading to out-of-bounds...
Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace Exploit
Exploit for multiple platform in category dos / poc Related to issue 1490 . When parsing ShadingPatterns; according to the specification they shouldn't be permitted to have a pattern colorspace as their base colorspace, but this is not validated, leading to out-of-bounds reads when rendering usin...
Pdfium - Pattern Shading Integer Overflows Exploit
Exploit for multiple platform in category dos / poc This vulnerability relies on several minor oversights in the handling of shading patterns in pdfium, I'll try to detail all of the issues that could be fixed to harden the code against similar issues. The DrawXShading functions in...
Pdfium - Pattern Shading Integer Overflows
Pdfium - Pattern Shading Integer Overflows This vulnerability relies on several minor oversights in the handling of shading patterns in pdfium, I'll try to detail all of the issues that could be fixed to harden the code against similar issues. The DrawXShading functions in cpdfrenderstatus.cpp re...
Pdfium - Pattern Shading Integer Overflows
This vulnerability relies on several minor oversights in the handling of shading patterns in pdfium, I'll try to detail all of the issues that could be fixed to harden the code against similar issues. The DrawXShading functions in cpdfrenderstatus.cpp rely on a helper function to compute the numb...
PDF-XChange Viewer 2.5.315.0 - Shading Type 7 Heap Memory Corruption
Exploit for windows platform in category dos / poc Title: PDF-XChange Viewer - Shading Type 7 Heap Memory Corruption Application: PDF-XChange Viewer Version 2.5.315.0 Platform: Windows Software Link: http://www.tracker-software.com/ Date: 2015-11-15 Author: Sébastien Morin from COSIG Contact:...
PDF-XChange Viewer 2.5.315.0 - Shading Type 7 Heap Memory Corruption
Title: PDF-XChange Viewer - Shading Type 7 Heap Memory Corruption Application: PDF-XChange Viewer Version 2.5.315.0 Platform: Windows Software Link: http://www.tracker-software.com/ Date: 2015-11-15 Author: Sébastien Morin from COSIG Contact: https://twitter.com/COSIG @COSIG Personal contact:...
CVE-2011-0481
Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF shading...
CVE-2011-0481
Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF shading...
Buffer overflow
Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF shading...
CVE-2011-0481
CVE-2011-0481 : Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly other impact via vectors related to PDF shading. Affected software is Google Chrome and Chrome OS (versions cited in the entry). Th...
CVE-2011-0481
Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF shading...
CVE-2011-0481
Removed by vendor...