Lucene search
K

65 matches found

RedHat Linux
RedHat Linux
added 2018/11/27 1:27 a.m.11 views

ghostscript: shading_param incomplete type checking (699660)

It was discovered that the ghostscript .shfill operator did not properly validate certain types. An attacker could possibly exploit this to bypass the -dSAFER protection and crash ghostscript or, possibly, execute arbitrary code in the ghostscript context via a specially crafted PostScript docume...

7.8CVSS6.1AI score0.03019EPSS
Exploits0References4
OSV
OSV
added 2018/07/31 8:29 p.m.5 views

CVE-2018-14295

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit PhantomPDF Phantom PDF 9.1.5096. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

8.8CVSS6.2AI score0.08895EPSS
Exploits0References2
CNVD
CNVD
added 2018/05/18 12:0 a.m.4 views

Foxit Reader Arbitrary Code Execution Vulnerability (CNVD-2018-10216)

Foxit Reader is China's Foxit Foxit Software Corporation, a PDF document reader. A security vulnerability exists in the parsing of U3D Shading objects in Foxit Reader version 9.0.0.29935, which is caused by the program failing to properly validate user-submitted data. The vulnerability can be...

8.8CVSS7.6AI score0.02773EPSS
Exploits0References1
NVD
NVD
added 2018/05/17 3:29 p.m.20 views

CVE-2018-10474

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS8.8AI score0.02773EPSS
Exploits0References2
Prion
Prion
added 2018/05/17 3:29 p.m.20 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS8.9AI score0.02773EPSS
Exploits0References2Affected Software2
OSV
OSV
added 2018/05/17 3:29 p.m.4 views

CVE-2018-10474

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

8.8CVSS6.1AI score0.02773EPSS
Exploits0References2
Zero Day Initiative
Zero Day Initiative
added 2018/05/04 12:0 a.m.30 views

Foxit Reader U3D Shading Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of U3D...

6.8CVSS4.3AI score0.02773EPSS
Exploits0References1
exploitpack
exploitpack
added 2018/02/15 12:0 a.m.18 views

Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace

Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace Related to issue 1490 . When parsing ShadingPatterns; according to the specification they shouldn't be permitted to have a pattern colorspace as their base colorspace, but this is not validated, leading to out-of-bounds...

0.1AI score
Exploits0
0day.today
0day.today
added 2018/02/15 12:0 a.m.24 views

Pdfium - Out-of-Bounds Read with Shading Pattern Backed by Pattern Colorspace Exploit

Exploit for multiple platform in category dos / poc Related to issue 1490 . When parsing ShadingPatterns; according to the specification they shouldn't be permitted to have a pattern colorspace as their base colorspace, but this is not validated, leading to out-of-bounds reads when rendering usin...

Exploits0
0day.today
0day.today
added 2018/02/15 12:0 a.m.36 views

Pdfium - Pattern Shading Integer Overflows Exploit

Exploit for multiple platform in category dos / poc This vulnerability relies on several minor oversights in the handling of shading patterns in pdfium, I'll try to detail all of the issues that could be fixed to harden the code against similar issues. The DrawXShading functions in...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2018/02/15 12:0 a.m.35 views

Pdfium - Pattern Shading Integer Overflows

Pdfium - Pattern Shading Integer Overflows This vulnerability relies on several minor oversights in the handling of shading patterns in pdfium, I'll try to detail all of the issues that could be fixed to harden the code against similar issues. The DrawXShading functions in cpdfrenderstatus.cpp re...

0.4AI score
Exploits0
Exploit DB
Exploit DB
added 2018/02/15 12:0 a.m.39 views

Pdfium - Pattern Shading Integer Overflows

This vulnerability relies on several minor oversights in the handling of shading patterns in pdfium, I'll try to detail all of the issues that could be fixed to harden the code against similar issues. The DrawXShading functions in cpdfrenderstatus.cpp rely on a helper function to compute the numb...

7.4AI score
Exploits0
0day.today
0day.today
added 2016/01/19 12:0 a.m.36 views

PDF-XChange Viewer 2.5.315.0 - Shading Type 7 Heap Memory Corruption

Exploit for windows platform in category dos / poc Title: PDF-XChange Viewer - Shading Type 7 Heap Memory Corruption Application: PDF-XChange Viewer Version 2.5.315.0 Platform: Windows Software Link: http://www.tracker-software.com/ Date: 2015-11-15 Author: Sébastien Morin from COSIG Contact:...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2016/01/19 12:0 a.m.30 views

PDF-XChange Viewer 2.5.315.0 - Shading Type 7 Heap Memory Corruption

Title: PDF-XChange Viewer - Shading Type 7 Heap Memory Corruption Application: PDF-XChange Viewer Version 2.5.315.0 Platform: Windows Software Link: http://www.tracker-software.com/ Date: 2015-11-15 Author: Sébastien Morin from COSIG Contact: https://twitter.com/COSIG @COSIG Personal contact:...

7.4AI score
Exploits0
NVD
NVD
added 2011/01/14 5:0 p.m.26 views

CVE-2011-0481

Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF shading...

9.3CVSS7.4AI score0.02364EPSS
Exploits1References8
UbuntuCve
UbuntuCve
added 2011/01/14 5:0 p.m.24 views

CVE-2011-0481

Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF shading...

9.3CVSS6AI score0.02364EPSS
Exploits1References1
Prion
Prion
added 2011/01/14 5:0 p.m.18 views

Buffer overflow

Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF shading...

9.3CVSS8AI score0.02364EPSS
Exploits1References8Affected Software2
CVE
CVE
added 2011/01/14 4:0 p.m.58 views

CVE-2011-0481

CVE-2011-0481 : Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly other impact via vectors related to PDF shading. Affected software is Google Chrome and Chrome OS (versions cited in the entry). Th...

9.3CVSS7.5AI score0.02364EPSS
Exploits1References8Affected Software1
Cvelist
Cvelist
added 2011/01/14 4:0 p.m.25 views

CVE-2011-0481

Buffer overflow in Google Chrome before 8.0.552.237 and Chrome OS before 8.0.552.344 allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to PDF shading...

7.3AI score0.02364EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2011/01/14 4:0 p.m.39 views

CVE-2011-0481

Removed by vendor...

9.3CVSS6.7AI score0.02364EPSS
Exploits1
Rows per page
Query Builder