iDefense Security Advisory 10.13.09 - Remote exploitation of a use after free vulnerability in Adobe Systems Inc.'s Acrobat and Reader Firefox plugin could allow an attacker to execute arbitrary code with the privileges of the current user. When Adobe Acrobat/Reader is installed, it also installs various browser plugins that allow PDF documents to be viewed in the browser. This vulnerability occurs within the Firefox browser plugin. The Internet Explorer version is not affected. The vulnerability occurs when Firefox attempts to navigate away from a page and unload the PDF viewing plugin. When Firefox calls the plugin's destroy method, the plugin does not properly free its resources. Specifically, a function pointer for the window update routine is not properly freed. This results in uninitialized memory being used when the window is redrawn, which leads to attacker supplied data being executed when the function pointer is dereferenced. iDefense has confirmed the existence of this vulnerability in Acrobat and Reader versions 8.1.3, 8.1.4, 8.1.5, and 8.1.6. Previous versions are also likely affected. Version 9.1.3 and previous 9.x versions are not affected.
26d2526e5fa4a158dc90e307c84a2c19f9b708a1d9689add295e4f768fab5f65iDefense Security Advisory 10.13.09 - Remote exploitation of an invalid array index vulnerability in Adobe Systems Inc.'s Reader and Acrobat could allow an attacker to execute arbitrary code with the privileges of the current user. The vulnerability occurs when parsing a U3D file embedded inside of a PDF. U3D is a file format used to represent 3D images. When parsing a U3D file, the parsing code fails to validate a value from the file used as index into a list of objects. This results in an attacker being able to specify an arbitrary value for a function pointer, which leads to the execution of arbitrary code. iDefense confirmed the existence of this vulnerability in Reader and Acrobat versions 9.1.3 and 8.1.6. Previous versions may also be affected.
036e3aa6e99462fba57e81b58b99274ca7837766dda18884ae3b383d0ebe33ffSecunia Research has discovered a vulnerability in Microsoft Office, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an integer overflow when processing the number of colours used in a bitmap image. This can be exploited to cause a heap-based buffer overflow via a specially crafted bitmap image. Successful exploitation may allow execution of arbitrary code.
7ac964e9487782914de260d54de860d87bab4cfc1cce6ada1a75a68e768c7a21Millenium MP3 Studio version 2.0 .mpf file local stack overflow exploit.
655419f8a0e1fca0cb189c78d9acab447223ab9026bd99e33cc3ab0cbefa5a0aOBOphiX version 1.0 suffers from a cross site scripting vulnerability.
36cedb1adc618168b836d1bbb8dc4f7cb3696ec3b39fb9083ff37169682ce1f7Dit.CMS version 1.3 suffers from a cross site scripting vulnerability.
97cd0944e692928caaefdd70942128c76aa2a750f4f4b6ba69a3a8b51fe51dd2Zainu version 1.0 suffers from a cross site scripting vulnerability.
8f3e9ac3843fc0bd7714db4c0675eb8422d3c85e3ef9187e9b8e421c794972c9QuickTeam version 2.2 suffers from a remote SQL injection vulnerability.
d9a3340ab24c2632c8810bbe0305e462797494800df884bd7ab1c58333e64c00FreeSchool version 1.1.0 suffers from a cross site scripting vulnerability.
f93f691abfc44196b2579d083d55065f4ff1fc9b5474ad3f7d5a675578c97a7aBlooFox CMS version 0.3.5 suffers from a cross site scripting vulnerability.
4e11c6164d92713395047d679fa23f2cfb7f85d51fc075bb910c9ff5a96e5b99AdaptBB version 1.0 suffers from a cross site scripting vulnerability.
8c9da2589096f0b9ef84fe2729fe14cc13240207dfdcd41d80e12284edbeddaaImproper handling of a specially crafted RAR archive file by the CA Anti-Virus engine arclib component leads to heap corruption and allows the attacker to cause a denial of service or possibly further compromise the system.
68c74583d8c2259e62743fb500c3ba5a7a8e32c2b91f70c32aba0e9279bc5cbdAchievo versions 1.3.4 and below suffer from a remote SQL injection vulnerability.
601108b4918110ff0f704baaeb33c9ddbd86e763546225f6eab6beb4fffb82b0Achievo versions 1.3.4 and below suffer from cross site scripting vulnerabilities.
3e43ab73bbfe81f99529b6bc033331b6c29d92371b634c150f94a3d775774c3fZoIPer Call-Info remote denial of service crash exploit.
da07ba37ad8d279a04d17faa083e14c5633a40b4a2ff338042a2578719cb4167Palm Pre WebOS versions 1.1 and below suffer from a floating point exception vulnerability when attempting to view a specially crafted web page.
dd042c88bda6f549aaa01d65ffda9b44dc9e53448662e02889031eeb13be9744NaviCOPA versions 3.0.1.2 and below suffer from a remote source disclosure vulnerability.
3fc6e9da9a800d9bf3d42dbffadb1678a521d4c9617fb7f80e73ec9f6667301fQuick Heal suffers from a local privilege escalation vulnerability. Antivirus Plus 2009 for Desktop version 10.00 SP1 and Total Security 2009 version 10.00 SP1 are affected.
a7e12ae7f3325df3946da4bb5dfa8911981f261769814d18eb97809b70621b55DedeCMS version 5.1 suffers from a remote SQL injection vulnerability.
602919dfe71a1750eb7645144191fface54e8b2b0d148a8043bbe004dfccb4beTechnical Cyber Security Alert 2009-286B - Adobe has released Security bulletin APSB09-15, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.
696ccab68a7a2925c13a6849c57b7f5cac307c65febb16925ea4750d03362283Technical Cyber Security Alert 2009-286A - Microsoft has released updates to address vulnerabilities in Microsoft Windows and Windows Server, Internet Explorer, Office, .NET Framework, Silverlight, SQL Server, Developer Tools, and Forefront.
bdfbe54040dd0fb5f33c52a245fac35493463d0100e4227101155b3f24873276Zero Day Initiative Advisory 09-073 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists when the application parses a PDF file containing a malformed Compact Font Format stream. While decoding the font embedded in this stream, the application will explicitly trust a 16-bit value used to index into an array of elements. Usage of the object later will cause heap corruption which can be leveraged to achieve code execution under the context of the current user.
f5b15979453779951c6615a8065d41b0917042b56b721df3bbc4be4c0c3e8a33Zero Day Initiative Advisory 09-072 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Windows. User interaction is required in that a user must open a malicious image file or browse to a malicious website. The specific flaws exist in the GDI+ subsystem when parsing maliciously crafted TIFF files. By supplying a malformed graphic control extension an attacker can trigger an exploitable memory corruption condition. Successful exploitation can result in arbitrary code execution under the credentials of the currently logged in user.
cef542a7264618845484af621f80dc5063484429e3b09b1772f806f2b4927ea2Zero Day Initiative Advisory 09-071 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required in that a user must visit a malicious web page. The specific flaw exists in the parsing of CSS style information. When a writing-mode style is used with a specific combination of HTML tags, memory corruption occurs. Exploitation of this vulnerability will lead to remote system compromise under the credentials of the currently logged in user.
25d87ea8df06335805a6073612747ed29b5c890a35c65a1121ce86d7287b0c64Zero Day Initiative Advisory 09-070 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the copy constructor for a specific DOM object. When duplicated, more than one reference can be made of anything assigned to it's properties. When the variable/object goes out of scope, these properties will be deallocated twice. This results in a heap corruption which can lead to code execution under the context of the current user.
e34a0ecf7e6e4857c86a7a862d7ba941e58653e04ba89adf332e7b9a933d2e22
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed