13 matches found
Foxit Reader Information Disclosure Vulnerability (CNVD-2018-10940)
Foxit Reader is China's Foxit Foxit Software Corporation, a PDF document reader. An information disclosure vulnerability exists in the parsing of the U3D Model Node framework in Foxit Reader version 9.0.0.29935, which occurs when the program fails to properly validate user-submitted data. The...
CVE-2018-10476
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
Design/Logic Flaw
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2018-10476
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader 9.0.0.29935. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within...
CVE-2018-10476
Foxit Reader 9.0.0.29935 is affected by an information-disclosure vulnerability in the U3D Model Node parsing. The issue stems from improper validation of user-supplied data, causing a read past the end of an allocated structure (out-of-bounds read). An attacker can leverage this by convincing a ...
Foxit Reader U3D Model Node Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Foxit Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing...
ZDI-09-042: Adobe Reader U3D RHAdobeMeta Stack Overflow Vulnerability
ZDI-09-042: Adobe Reader U3D RHAdobeMeta Stack Overflow Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-042 June 10, 2009 -- CVE ID: CVE-2009-1855 -- Affected Vendors: Adobe -- Affected Products: Adobe Acrobat -- Vulnerability Details: This vulnerability allows remote attackers t...
Adobe Reader和Acrobat U3D Model远程栈缓冲区溢出漏洞
Bugraq ID: 35282 CVE ID:CVE-2009-1855 CNCVE ID:CNCVE-20091855 Adobe Reader和Acrobat是一款PDF文件处理程序。 Adobe Reader和Acrobat处理包含畸形U3D model的PDF文件时存在缺陷,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 当处理特殊构建的model扩展块时,在调用wcsncpy前缺少充分的边界检查,可导致基于栈的缓冲区溢出,可以以登录用户进程权限执行任意指令。 Adobe Acrobat Standard 8.1.4 Adobe Acrobat Standard 8.1.3...
Stack overflow
Stack-based buffer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via a PDF file containing a malformed U3D model file with a crafted extension block...
CVE-2009-1855
Stack-based buffer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via a PDF file containing a malformed U3D model file with a crafted extension block...
CVE-2009-1855
Stack-based buffer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via a PDF file containing a malformed U3D model file with a crafted extension block...
CVE-2009-1855
Stack-based buffer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via a PDF file containing a malformed U3D model file with a crafted extension block...
CVE-2009-1855
CVE-2009-1855 is a stack-based buffer overflow in Adobe Reader/Acrobat that can be triggered by a PDF containing a crafted U3D model extension block, potentially allowing arbitrary code execution. Affected products include Adobe Reader/Acrobat 7.x before 7.1.3, 8.x before 8.1.6, and 9.x before 9....