Lucene search
+L

684 matches found

NVD
NVD
added 2016/10/31 10:59 a.m.22 views

CVE-2016-8878

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return...

8.8CVSS8.8AI score0.0259EPSS
Exploits0References2
OSV
OSV
added 2016/10/31 10:59 a.m.4 views

CVE-2016-8878

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return...

8.8CVSS6.1AI score0.0259EPSS
Exploits0References2
OSV
OSV
added 2016/10/31 10:59 a.m.5 views

CVE-2016-8876

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader."...

7.5CVSS6.1AI score0.02187EPSS
Exploits0References2
NVD
NVD
added 2016/10/31 10:59 a.m.20 views

CVE-2016-8876

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader."...

7.5CVSS7.7AI score0.02187EPSS
Exploits0References2
Prion
Prion
added 2016/10/31 10:59 a.m.19 views

Cross site scripting

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return...

6.8CVSS8AI score0.0259EPSS
Exploits0References2Affected Software2
Prion
Prion
added 2016/10/31 10:59 a.m.18 views

Cross site scripting

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader."...

6.8CVSS8AI score0.02187EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2016/10/31 10:0 a.m.32 views

CVE-2016-8876

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted TIFF image embedded in the XFA stream in a PDF document, aka "Read Access Violation starting at FoxitReader."...

8.3AI score0.02187EPSS
Exploits0References2
CVE
CVE
added 2016/10/31 10:0 a.m.76 views

CVE-2016-8878

Foxit Reader and Foxit PhantomPDF (Windows) prior to 8.1 are affected by an out-of-bounds read in the XFA data stream when the gflags utility is enabled, allowing remote code execution via a crafted BMP in a PDF. Impact listed as arbitrary code execution with high severity (CVSS v3: HIGH, 8.8). A...

8.8CVSS8.7AI score0.0259EPSS
Exploits0References2Affected Software2
Cvelist
Cvelist
added 2016/10/31 10:0 a.m.30 views

CVE-2016-8878

Out-of-Bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, when the gflags app is enabled, allows remote attackers to execute arbitrary code via a crafted BMP image embedded in the XFA stream in a PDF document, aka "Data from Faulting Address may be used as a return...

8.8AI score0.0259EPSS
Exploits0References2
CVE
CVE
added 2016/10/31 10:0 a.m.59 views

CVE-2016-8876

CVE-2016-8876 describes an out-of-bounds read vulnerability in Foxit Reader and PhantomPDF before 8.1 on Windows, exploitable by a crafted TIFF image embedded in the XFA data stream of a PDF when the gflags tool is enabled. Successful exploitation can lead to remote arbitrary code execution with ...

7.5CVSS8.3AI score0.02187EPSS
Exploits0References2Affected Software2
Zero Day Initiative
Zero Day Initiative
added 2016/10/11 12:0 a.m.14 views

Adobe Reader DC XFA Uninitialized Pointer Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS3.8AI score0.05038EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2016/10/11 12:0 a.m.29 views

Adobe Reader DC XFA maxChars Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS4.7AI score0.05813EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2016/10/11 12:0 a.m.28 views

Adobe Reader DC XFA forms Out-Of-Bounds Read Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS2.4AI score0.05038EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2016/10/11 12:0 a.m.22 views

Adobe Reader DC XFA AFDriver Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS2.6AI score0.05813EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2016/10/11 12:0 a.m.34 views

Acrobat Reader DC XFA FormSubform Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the...

6.8CVSS2AI score0.05813EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2016/08/05 12:0 a.m.9 views

Foxit Reader < 7.2 Multiple RCE

Binary data 9458.prm...

7.3AI score
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2016/08/05 12:0 a.m.13 views

Foxit Reader < 8.0 Multiple Vulnerabilities

Binary data 9469.prm...

7.8CVSS7.3AI score0.15808EPSS
Exploits1References4
Check Point Advisories
Check Point Advisories
added 2016/07/14 12:0 a.m.6 views

Adobe Acrobat Reader XFA FormCalc replace Integer Overflow (CVE-2016-1043)

An integer overflow vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to improper validation of the parameters for a certain function. A remote attacker could exploit this vulnerability by enticing a user to open a maliciously crafted document. Successful exploitation of the...

10CVSS9.4AI score0.06567EPSS
Exploits0
CNVD
CNVD
added 2016/05/11 12:0 a.m.3 views

Adobe Reader DC XFA Page Out-of-Bounds Read Information Disclosure Vulnerability

Adobe Acrobat Reader DC is the United States of America Odooby Adobe company's set of tools for viewing, printing and annotating PDF. A security vulnerability exists in the Adobe Reader DC XFA page that could be exploited by an attacker to access a malicious web page or open a malicious file to...

10CVSS7.4AI score0.05804EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2016/05/10 12:0 a.m.27 views

Adobe Reader DC XFA preOpen Event Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of...

6.8CVSS3.1AI score0.0641EPSS
Exploits0References1
Rows per page
Query Builder