VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed BMP data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
ec1e544d4bc46b70a53f70b750297c806bc34953226e435c1cb63dc94f5ab888
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed IFF data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
5fb97c8c1204aa3b8013ee8b94958c995a3ed2f749e599c67bd76aa36f7e01cb
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing malformed PCX data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
b1ba18f240b0fc7ab7cbc3817b3c949894e5a9a8549bbf6fc8cc226b4f78f497
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a stack overflow error when processing a malformed picture within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file.
3db1febf32ab77cc17ebcd7c9b80069c45e57860fe630d2d2dd0f8123ffdd44b
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing a picture file with malformed dimensions, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF document.
837ea15f51f8c653c8bc8201a780499c8e1592e20f9dbba46a5b7260bd924b43
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a heap overflow error when processing a malformed "BitsPerSample" field of a TIFF image, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF document.
7ce131d21eca659ae6009e41e847bfa961c8330c5d51752a35eb2562fe1bb645
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Shockwave. The vulnerability is caused by an array indexing error in the "dirapi.dll" component when processing malformed data within the "rcsL" record, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
ebae7c8e4b3e98c31ecdf30a8b7435873c1dc320927f43e66e6c37e4eda6e5ea
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Flash Player. The vulnerability is caused by a buffer overflow error when processing a malformed ActionScript FileReference method, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
86c6eebd998ef19a66f897c458792f0e8d3b83f1a7b9d3f16cfdd6960d84e4ef
VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer underflow error in the Object Linking and Embedding (OLE) Automation component when processing malformed Windows Metafile (WMF) data via the "_PictLoadMetaFileRaw()" function, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
0bcbe6ddf0f6d9f9565bd58d17901ffc57ad45dde4e3569f63328534b3f27176
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "scrn" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
bd2b206e8cc01411d077ffd71f0fafae0c987444464bb20fda99e30bd818b823
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "pseq" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
678973558fee6d7c54c5b90eec131c79bd3a0357dbfa4eb1520a4ec67f37cad6
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "ncl2" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
e8f488754f08480d5e40ca95b2864ba0737678e88ade054dfd206889f6e07072
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "mluc" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
672490db1b7e734d96fdac53de3b57b95abfd9ee95d4201e9143bb6ef215fe8b
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer truncation error in the Color Management Module (CMM) when processing a malformed "bfd" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
cf0e788d1c843e3352da1703694e7f2744be0104b724b21b9d4cf89d96e5290a
VUPEN Vulnerability Research Team discovered a critical vulnerability in Oracle Java. The vulnerability is caused by an integer overflow error in the Color Management Module (CMM) when processing a malformed "clrt" tag within an ICC profile, which could be exploited by attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
b9624b37a2d319db443cfde21d7b096739c7f479b3a17eae304af656f677d623
VUPEN Vulnerability Research Team discovered a critical vulnerability in 7T Interactive Graphical SCADA System (IGSS). The vulnerability is caused by a memory corruption error in the Open Database Connectivity (ODBC) component when processing packets sent to port 20222/TCP, which could result in an invalid structure being used, leading to an exploitable condition. Versions prior to 9.0.0.11143 are affected.
6e3832447425985a6f696ebb91be8820ba8801500741d4b2775eba9c6ee8f8c7
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when processing certain text nodes, which could be exploited by remote attackers to execute arbitrary code by tricking a user into visiting a specially crafted web page.
68273b636979cb1468a8090e5e58828a83e73978c0b22c05b24a4b9d3b8c295a
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by a stack overflow error in the OpenType Compact Font Format (CFF) driver "ATMFD.dll" when processing certain operands within an OpenType font, which could be exploited by remote attackers to execute arbitrary code on a vulnerable Windows 7, Windows Server 2008, Windows Server 2008 R2, and Windows Vista systems via a malicious font, or by local attackers to gain elevated privileges on Windows XP and Windows Server 2003 systems via a malicious application.
4f3f32b3d21c7c657379213dbce2194f42ee815379440a6a45b032df836b15a9
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office Excel. The vulnerability is caused by a stack overwrite error when parsing the RTD RealTimeData record (0813h), which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted Excel document.
eb83b04f992840bb6eff2e981e45c08f92921571c592f54407896f0ebe817d1c
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "CObjectElement::OnPropertyChange()" function within the MSHTML library when handling objects, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 6, 7, and 8 are affected.
59606c9acd8d8332ddbbdbeff4cd06911f15ac789a3a6ee075f3c52dff906ea9
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Internet Explorer. The vulnerability is caused by a use-after-free error in the "CSpliceTreeEngine::InsertSplice()" function within the MSHTML library when handling layouts, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 6 and 7 are affected.
b8d96323c4a211ae41bedf90189a3872ffab299ee06c72ee8c21def85c12f670
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Windows. The vulnerability is caused by an integer overflow error in the GDI+ library when parsing certain values within a EMF image file, which could be exploited by attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page.
e9d976818013ca305eba57812572521d3237061c36f4c3f3f638dc81c1690983
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Microsoft Office. The vulnerability is caused by an integer overflow error in the MSO component when parsing certain values within an Office document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a malformed Office file (e.g. Word). Microsoft Office XP Service Pack 3 is affected.
2d2ef1ad1bdc1ee43e992f908da55b1ea19d51d2bcabcf4e211f64a913e1e003
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by an integer overflow error in the WebKit library when handling block dimensions, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
9ea8e14eaede3a9009c52340df2c57af7b693d761077f23322ac3fb77375bf67
The VUPEN Vulnerability Research Team discovered a critical vulnerability in Apple Safari. The vulnerability is caused by a use-after-free error in the WebKit library when handling certain scroll events, which could be exploited by remote attackers to compromise a vulnerable system by tricking a user into visiting a specially crafted web page. Versions 5.0.3 and below are affected.
3eac3c011875096426021de4ca49199e1fcbfae351d58fd4ff58b13456d57a6c