Foxit Reader versions 7.1.3.320 and below suffer from a PDF parsing memory corruption vulnerability.
bd04944c6132e51165de2cd47879e4605bc439659bd47936955cab36552e79aa
Secunia Security Advisory - Some vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
c54216312e8a1c614c987aa7867e162c73407e99718aaab381cde6c9f03c31ed
Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
12cc9c82d1a759e826a34c897eecd35f6dc0ec6fcc84301e9699f4c77ebdbc82
OpenLimit reader, an application aimed to provide security by validating X.509 signatures and signing PDFs inside Adobe Reader, contains completely outdated, superfluous and vulnerable components, which comprise 40% of the whole installation package.
4cc2e247a5f3aaa21b4f53170afeda08847ab6f3934f5cbbdf9af600f6da8c02
Slim PDF Reader version 1.0 suffers from a denial of service vulnerability.
d1ffdeb69b179bf453e9df13d5f38f2ea80e5975170ad4c9dfbaf90077a7117b
Gentoo Linux Security Advisory 201206-14 - Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks. Versions less than 9.5.1 are affected.
59faf1ae8b9f400e9098e2c922873ec9097d3782e6a02c5ac0d7feba5e2fa005
Secunia Security Advisory - AppSec has reported a vulnerability with an unknown impact in NetEase Reader for Android.
a3f4d5e645ad7c9812eb4248adede983fab29f74cbe1d4ca2846df3f12b1c084
The purpose of this paper is to make the reader aware of various Hash Cracking Techniques ranging from Basic to Advanced. The intended audience for this paper is those who have a basic understanding of hash cracking and password hashing algorithms.
6c41eb42dce76b95d64a452addb5a968a83f179dde367f0854ad7f166b86b909
This Metasploit module exploits a buffer overflow in Foxit Reader 3.0 builds 1301 and earlier. Due to the way Foxit Reader handles the input from a "Launch" action, it is possible to cause a stack-based buffer overflow, allowing an attacker to gain arbitrary code execution under the context of the user.
009165bbb7f39c130705ca1779b5bf21f2c3fd6f324d13329ecce60c590e0dcc
Universal Reader version 1.16.740.0 suffers from a filename related denial of service vulnerability.
9fc1288cb87d2f76ded479085c5724fe535048050588dd20e82a0d94fc86bbcf
Mobipocket Reader version 6.2 build 608 suffers from a buffer overflow vulnerability. Proof of concept included.
956ac848bb2710f1365550adfff0b8787d1dfb621595612c0d1b192087b80cb7
Technical Cyber Security Alert 2012-101B - Adobe has released Security Bulletin APSB12-08, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat. As part of this update, Adobe Reader and Acrobat 9.x will use the system-wide Flash Player browser plug-in instead of the Authplay component. In addition, Reader and Acrobat now disable the rendering of 3D content by default.
7b6efa396060be88ab58d1b9ba817b6174c0d8cac6c5b6a361ff1c72175a2467
Red Hat Security Advisory 2012-0469-01 - Adobe Reader allows users to view and print documents in Portable Document Format. This update fixes multiple security flaws in Adobe Reader. These flaws are detailed on the Adobe security page APSB12-08, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.5.1, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.
c341c5397d6898dd8e367ea7d2edae47c08423d0ec1dda6322251c22228ed4ee
Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, gain knowledge of potentially sensitive information, and compromise a user's system.
22304ba7c1a6e7b1206a3acc050aeb70179433422e80d9f9768a57ee6ea68584
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a memory corruption error within the Matrix3D class when processing malformed 3D data within SWF files, which could be exploited by attackers to potentially compromise a vulnerable system or disclose memory information by tricking a user into visiting a specially crafted web page. Adobe Flash Player versions 11.1.102.62 and below are affected.
cd2efadbb305725a418111b28128ed5c65004213052f530f752893ddaadc11f6
Red Hat Security Advisory 2012-0302-03 - The Common UNIX Printing System provides a portable printing layer for Linux, UNIX, and similar operating systems. A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch decompression algorithm implementation used by the CUPS GIF image format reader. An attacker could create a malicious GIF image file that, when printed, could possibly cause CUPS to crash or, potentially, execute arbitrary code with the privileges of the "lp" user.
f2434d92ff30870a69af386c20081fbeddc541a129b82ec961a7d31841e912d8
Zero Day Initiative Advisory 12-021 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within 2d.x3d, which is Adobe Reader's code responsible for processing BMP files. When passing a negative size parameter in the 'colors' field, a series of signed comparisons will be averted, and the overly large size parameter is passed to a memcpy(). This will cause a heap-based buffer overflow, allowing an attacker to execute code under the context of the user.
24f0d26f31e6c8fcf24c50cab38a6f9c749dcbe2a5ff797f47cc95f3469fc940
The cryptographic algorithm called INCrypt32 is a MAC algorithm used to authenticate participants, RFID cards and readers, in HID Global's iCLASS systems. HID's iCLASS cards are widely used contactless smart cards for physical access control. Although INCrypt32 is at the heart of the security of HID's iCLASS systems, its security has not been evaluated yet since the specification has not been open to the public. In this paper, the authors reveal the specification of INCrypt32 by reverse engineering an iCLASS card and investigate the security of INCrypt32. As a result, they show that the secret key of size 64 bits can be recovered using only 2^18 MAC queries if the attacker can request MAC for chosen messages of arbitrary length. If the length of messages is limited to pre-determined values by the authentication protocol, the required number of MAC queries grows to 2^42 to recover the secret key.
cb8784c8a30a60fd5be4ccee3a92361bbb9b0c25e831d60269f418117ec0e6b6
Gentoo Linux Security Advisory 201201-19 - Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks. Versions less than 9.4.7 are affected.
baad128edffc63cf96f6415bcd8ed20845d4c2166743c0cf07a2e6869a63d515
Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
9c0822785fc67e26efb8775672c06e58ca4ae2f270e9aa218b6cb388af81f732
VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by an integer overflow error when processing malformed image data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file. Versions affected include Adobe Acrobat and Reader X (10.1.1) and prior and Adobe Acrobat and Reader 9.4.7 and prior.
c94c13dce309f884bd280837f2c98fd26f4a3b8efdb37192552ad693c35c02fe
Red Hat Security Advisory 2012-0011-01 - Adobe Reader allows users to view and print documents in Portable Document Format. This update fixes two security flaws in Adobe Reader. All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4.7, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.
0e0748d35296ccc43f5ab63bf2c3fd23ea3d8079e013538c983a3adfd992bdcd
This Metasploit module exploits a vulnerability in the U3D handling within versions 9.x through 9.4.6 and 10 through to 10.1.1 of Adobe Reader. The vulnerability is due to the use of uninitialized memory. Arbitrary code execution is achieved by embedding specially crafted U3D data into a PDF document. A heap spray via JavaScript is used in order to ensure that the memory used by the invalid pointer issue is controlled.
958220f3112687e60ccfaeeb8830223cf29aa4ac4c24d29d128ae6cc845d5953
Technical Cyber Security Alert 2011-350A - Adobe has released Security Bulletin APSB11-30, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.
57c972dbc20a2cbc05e3874aad945fe23420ee3235884f90214c8226e7040376
Secunia Security Advisory - A vulnerability has been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.
25da7e7b9ee9ca14278785722a672514eaf87c6b26cbab853b47dd73f014550c
Red Hat Security Advisory 2011-1801-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. A flaw was found in the way qemu-kvm handled VSC_ATR messages when a guest was configured for a CCID USB smart card reader in passthrough mode. An attacker able to connect to the port on the host being used for such a device could use this flaw to crash the qemu-kvm process on the host or, possibly, escalate their privileges on the host.
f08148ae167c0768b601225b0105f767e9cb21cde5993cc3bc42b1cd64876d00