Lucene search
Jaanus KpClarified SecurityZDI-16-156HistoryFeb 09, 2016 - 12:00 a.m.
Microsoft Reader Uninitialized Pointer Remote Code Execution Vulnerability
2016-02-0900:00:00
Jaanus KpClarified Security
www.zerodayinitiative.com
11
0.19 Low
EPSS
Percentile
96.3%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PDF files. By providing a malformed PDF file, an attacker can cause an uninitialized pointer to be dereferenced. An attacker could leverage this to execute arbitrary code under the context of the process.
Related
symantec
symantec
Microsoft Windows Reader CVE-2016-0046 Remote Code Execution Vulnerability
2016-02-09 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Windows Reader Remote Code Execution (MS16-012; CVE-2016-0046)
2016-02-09 00:00:00
cvelist
cvelist
CVE-2016-0046
2016-02-10 11:00:00
prion
prion
Design/Logic Flaw
2016-02-10 11:59:00
nvd
nvd
CVE-2016-0046
2016-02-10 11:59:10
cve
cve
CVE-2016-0046
2016-02-10 11:59:10
openvas
openvas
mskb
mskb
nessus
nessus
kaspersky
kaspersky
KLA10751 Multiple vulnerabilities in Microsoft Windows
2016-02-09 00:00:00