684 matches found
Design/Logic Flaw
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution...
CVE-2017-2961
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to validation functionality. Successful exploitation could lead to arbitrary code execution...
CVE-2017-2950
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to layout functionality. Successful exploitation could lead to arbitrary code execution...
CVE-2017-2951
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to sub-form functionality. Successful exploitation could lead to arbitrary code execution...
CVE-2017-2967
CVE-2017-2967 describes an exploitable memory corruption vulnerability in the XFA engine of Adobe Acrobat/Reader. Affects Adobe Reader/Acrobat versions 15.020.20042 and earlier, 15.006.30244 and earlier, and 11.0.18 and earlier; exploitation could lead to arbitrary code execution. Root cause: mem...
CVE-2017-2948
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the XFA engine. Successful exploitation could lead to arbitrary code execution...
CVE-2017-2961
CVE-2017-2961 is a use-after-free vulnerability in the XFA engine of Adobe Acrobat/Reader. It affects Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, and 11.0.18 and earlier. The issue is related to validation functionality, and exploitation could lead to arbitra...
CVE-2017-2950
CVE-2017-2950 is an exploitable use-after-free vulnerability in Adobe Acrobat/Reader’s XFA engine (layout functionality). Affected on Windows and macOS/Linux versions include 15.020.20042 and earlier, 15.006.30244 and earlier, and 11.0.18 and earlier. Successful exploitation could lead to arbitra...
CVE-2017-2951
Summary (CVE-2017-2951): Adobe Acrobat/Reader versions affected include 15.020.20042 and earlier, 15.006.30244 and earlier, and 11.0.18 and earlier. The vulnerability is a use-after-free in the XFA engine, related to the sub-form functionality. Successful exploitation could result in arbitrary co...
CVE-2017-2948
CVE-2017-2948 affects Adobe Acrobat/Reader (XFA engine). Affected: Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, and 11.0.18 and earlier. Root cause: exploitable buffer overflow/underflow in XFA engine leading to arbitrary code execution upon successful exploitation....
CVE-2017-2961
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to validation functionality. Successful exploitation could lead to arbitrary code execution...
CVE-2017-2967
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable memory corruption vulnerability in the XFA engine related to a form's structure and organization. Successful exploitation could lead to arbitrary code execution...
CVE-2017-2948
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable buffer overflow / underflow vulnerability in the XFA engine. Successful exploitation could lead to arbitrary code execution...
CVE-2017-2951
Adobe Acrobat Reader versions 15.020.20042 and earlier, 15.006.30244 and earlier, 11.0.18 and earlier have an exploitable use after free vulnerability in the XFA engine, related to sub-form functionality. Successful exploitation could lead to arbitrary code execution...
Acrobat Reader DC XFA Field Font Size Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA field fo...
Adobe Reader DC XFA template Out-Of-Bounds Read Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XFA's template...
Adobe Reader DC XFA Layout Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the XFA subform...
Adobe Reader DC XFA hyphenation Use-After-Free Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within XFA's hyphenatio...
Foxit Reader and PhantomPDF Read-Over-Boundary Vulnerability (CNVD-2016-10512)
Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. An out-of-bounds read vulnerability exists in Foxit Reader and PhantomPDF versions prior to 8.1 on Windows-based platforms. When the gflags application is enabled, a remote...
Foxit Reader and PhantomPDF Read-Over-Boundary Vulnerability (CNVD-2016-10513)
Foxit Reader is a PDF document reader from China's Foxit Software Corporation.Foxit PhantomPDF is a commercial version. An out-of-bounds read vulnerability exists in Foxit Reader and PhantomPDF versions prior to 8.1 on Windows-based platforms. When the gflags application is enabled, a remote...