Artifex MuPDF Denial of Service Vulnerability (CNVD-2017-35028)
Artifex MuPDF is a free, lightweight PDF reader from Artifex Software. A security vulnerability exists in Artifex MuPDF version 1.11. The vulnerability can be exploited by an attacker to cause a denial of service with the help of a specially crafted .xps file...
DEBIAN-CVE-2017-14686
Artifex MuPDF 1.11 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to a "User Mode Write AV near NULL starting at wow64!Wow64NotifyDebugger+0x000000000000001d" on Windows. This occurs because read_zip_dir_imp in fitz/unzip.c does not check...
DEBIAN-CVE-2017-14685
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016aa61" on Windows. This occurs because xps_load_links_in_glyphs in...
UBUNTU-CVE-2017-14687
Artifex MuPDF 1.11 allows attackers to cause a denial of service or possibly have unspecified other impact via a crafted .xps file, related to "Data from Faulting Address controls Branch Selection starting at mupdf+0x000000000016cb4f" on Windows. This occurs because of mishandling of XML tag name...
rbenv Directory Traversal Vulnerability
rbenv is a versioning tool for Ruby. A directory traversal vulnerability exists in the specification of the Ruby version in rbenv. A remote attacker can exploit this vulnerability to execute code...
CVE-2017-14568
STDU Viewer 1.6.375 allows attackers to execute arbitrary code or cause a denial of service via a crafted .xps file, related to an "Illegal Instruction Violation starting at Unknown Symbol @ 0x000000000297024c called from STDUXPSFile!DllUnregisterServer+0x0000000000025630."...
Exploit for Deserialization of Untrusted Data in Apache Struts
Description Apache Struts RCE tool for CVE 2017-9805 O...
ALPINE-CVE-2017-0901
RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem...
DEBIAN-CVE-2017-0901
RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem...
CVE-2017-0901
RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem...
UBUNTU-CVE-2017-0901
RubyGems version 2.6.12 and earlier fails to validate specification names, allowing a maliciously crafted gem to potentially overwrite any file on the filesystem...
CVE-2017-11210
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing, where the font is embedded in the XML Paper Specification XPS file. Successful exploitation coul...
Memory corruption
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability that occurs when reading a JPEG file embedded within XML Paper Specification XPS file. Successful exploitation could...
CVE-2017-11210
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing, where the font is embedded in the XML Paper Specification XPS file. Successful exploitation coul...
CVE-2017-11209
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability that occurs when reading a JPEG file embedded within XML Paper Specification XPS file. Successful exploitation could...
EUVD-2017-2843
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability that occurs when reading a JPEG file embedded within XML Paper Specification XPS file. Successful exploitation could...
CVE-2017-11210
Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the font parsing, where the font is embedded in the XML Paper Specification XPS file. Successful exploitation coul...
Adobe Acrobat and Reader Memory Corruption (APSB17-24: CVE-2017-11228)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to code stream specification components. A remote attacker might exploit this issue by creating an incomplete code stream which can cause memory corruption...
Mitsubishi Electric E-Designer SetupAlarm Font Property Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Mitsubishi Electric E-Designer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
3 New CIA-developed Hacking Tools For MacOS & Linux Exposed
WikiLeaks has just published a new set of classified documents linked to another CIA project, dubbed 'Imperial,' which reveals details of at least three CIA-developed hacking tools and implants designed to target computers running Apple Mac OS X and different flavours of Linux operating systems. ...