what you don't know can hurt you
Showing 1 - 25 of 100 RSS Feed

Files

Foxit Reader 8.3.1.21155 DLL Hijacking
Posted Apr 20, 2018
Authored by Ye Yint Min Thu Htut

Foxit Reader versions 8.3.1.21155 and below suffer from a dll hijacking vulnerability.

tags | advisory
systems | windows
MD5 | eb22e505d49272a974ea0a09ea10533a

Related Files

Secunia Security Advisory 50290
Posted Aug 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | 9de5f7782486f8a0af28b58768f041ae
Secunia Security Advisory 50281
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | dee1ebb07ad1bd32b156d3bba299ba68
OpenLimit Reader Vulnerable Components
Posted Jun 26, 2012
Authored by Stefan Kanthak

OpenLimit reader, an application aimed to provide security by validating X.509 signatures and signing PDFs inside Adobe Reader, contains completely outdated, superfluous and vulnerable components, which comprise 40% of the whole installation package.

tags | advisory
MD5 | cba35307c4a79af3a60bc1a77bfe05e4
Slim PDF Reader 1.0 Memory Corruption
Posted Jun 25, 2012
Authored by Carlos Mario Penagos Hollmann

Slim PDF Reader version 1.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2011-4220
MD5 | fa867045b7572deef3a191844fad57e5
Gentoo Linux Security Advisory 201206-14
Posted Jun 22, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-14 - Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks. Versions less than 9.5.1 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-4370, CVE-2011-4371, CVE-2011-4372, CVE-2011-4373, CVE-2012-0774, CVE-2012-0775, CVE-2012-0776, CVE-2012-0777
MD5 | 9813c1efe34c97ffd0335f79280c1d79
Secunia Security Advisory 49349
Posted Jun 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - AppSec has reported a vulnerability with an unknown impact in NetEase Reader for Android.

tags | advisory
MD5 | f2622e73138b024d6c450596454088cf
Breaking The Crypt
Posted May 31, 2012
Authored by Sudeep Singh

The purpose of this paper is to make the reader aware of various Hash Cracking Techniques ranging from Basic to Advanced. The intended audience for this paper is those who have a basic understanding of hash cracking and password hashing algorithms.

tags | paper
MD5 | 2192f73ecd17ee8861213770aec2add6
Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow
Posted May 22, 2012
Authored by bannedit, Francisco Falcon | Site metasploit.com

This Metasploit module exploits a buffer overflow in Foxit Reader 3.0 builds 1301 and earlier. Due to the way Foxit Reader handles the input from an "Launch" action, it is possible to cause a stack-based buffer overflow, allowing an attacker to gain arbitrary code execution under the context of the user.

tags | exploit, overflow, arbitrary, code execution
advisories | OSVDB-55614
MD5 | dd101f060050f721d607dcf105579673
Universal Reader 1.16.740.0 Denial Of Service
Posted May 14, 2012
Authored by demonalex

Universal Reader version 1.16.740.0 suffers from a filename related denial of service vulnerability.

tags | exploit, denial of service
MD5 | aabef4cd6b8f758e4e84deec36655328
Mobipocket Reader 6.2 Build 608 Buffer Overflow
Posted Apr 23, 2012
Authored by shinnai | Site shinnai.altervista.org

Mobipocket Reader version 6.2 build 608 suffers from a buffer overflow vulnerability. Proof of concept included.

tags | exploit, overflow, proof of concept
MD5 | c965a12afc749d35e50648de2a8b0d3f
Technical Cyber Security Alert 2012-101B
Posted Apr 11, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-101B - Adobe has released Security Bulletin APSB12-08, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat. As part of this update, Adobe Reader and Acrobat 9.x will use the system-wide Flash Player browser plug-in instead of the Authplay component. In addition, Reader and Acrobat now disable the rendering of 3D content by default.

tags | advisory, vulnerability
MD5 | 6595d0dd4ab1e29fe00b04df2e20537d
Red Hat Security Advisory 2012-0469-01
Posted Apr 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0469-01 - Adobe Reader allows users to view and print documents in Portable Document Format. This update fixes multiple security flaws in Adobe Reader. These flaws are detailed on the Adobe security page APSB12-08, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.5.1, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2012-0774, CVE-2012-0775, CVE-2012-0777
MD5 | bc8eab399d8e0bb8c6baabec8556da80
Secunia Security Advisory 48733
Posted Apr 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, gain knowledge of potentially sensitive information, and compromise a user's system.

tags | advisory, vulnerability, xss
MD5 | 9f563cd27d6b2a2a07a4dc9ebfec3a58
Adobe Flash Player Matrix3D Remote Memory Corruption
Posted Mar 20, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a memory corruption error within the Matrix3D class when processing malformed 3D data within SWF files, which could be exploited by attackers to potentially compromise a vulnerable system or disclose memory information by tricking a user into visiting a specially crafted web page. Adobe Flash Player versions 11.1.102.62 and below are affected.

tags | advisory, web
advisories | CVE-2012-0768
MD5 | 95e078da784ba70a9735a04652678734
Red Hat Security Advisory 2012-0302-03
Posted Feb 21, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0302-03 - The Common UNIX Printing System provides a portable printing layer for Linux, UNIX, and similar operating systems. A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch decompression algorithm implementation used by the CUPS GIF image format reader. An attacker could create a malicious GIF image file that, when printed, could possibly cause CUPS to crash or, potentially, execute arbitrary code with the privileges of the "lp" user.

tags | advisory, overflow, arbitrary
systems | linux, redhat, unix
advisories | CVE-2011-2896
MD5 | b5b2f4b064a3620f920fba70d761e3a3
Zero Day Initiative Advisory 12-021
Posted Feb 8, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-021 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within 2d.x3d, which is Adobe Reader's code responsible for processing BMP files. When passing a negative size parameter in the 'colors' field, a series of signed comparisons will be averted, and the overly large size parameter is passed to a memcpy(). This will cause a heap-based buffer overflow, allowing an attacker to execute code under the context of the user.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2011-4373
MD5 | 58940cb9a59c84860162036c3a89d7e1
Cryptanalysis Of INCrypt32 In HID's iCLASS Systems
Posted Feb 7, 2012
Authored by Daewan Han, Dong Hoon Lee, ChangKyun Kim, Chang-Ho Jung, Eun-Gu Jung

The cryptographic algorithm called INCrypt32 is a MAC algorithm to authenticate participants, RFID cards and readers, in HID Global's iCLASS systems. HID's iCLASS cards are widely used contactless smart cards for physical access control. Although INCrypt32 is a heart of the security of HID's iCLASS systems, its security has not been evaluated yet since the specification has not been open to public. In this paper, they reveal the specification of INCrypt32 by reverse engineering an iCLASS card and investigate the security of INCrypt32. As a result, we show that the secret key of size 64 bits can be recovered using only 218 MAC queries if the attacker can request MAC for chosen messages of arbitrary length. If the length of messages is limited to pre-determined values by the authentication protocol, the required number of MAC queries grows to 242 to recover the secret key.

tags | paper, arbitrary, crypto, protocol
MD5 | ee33f7e2da98c62d3b33c6294941bbe8
Gentoo Linux Security Advisory 201201-19
Posted Jan 31, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201201-19 - Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks. Versions less than 9.4.7 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-4091, CVE-2011-0562, CVE-2011-0563, CVE-2011-0565, CVE-2011-0566, CVE-2011-0567, CVE-2011-0570, CVE-2011-0585, CVE-2011-0586, CVE-2011-0587, CVE-2011-0588, CVE-2011-0589, CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0594, CVE-2011-0595, CVE-2011-0596, CVE-2011-0598, CVE-2011-0599, CVE-2011-0600, CVE-2011-0602, CVE-2011-0603, CVE-2011-0604, CVE-2011-0605, CVE-2011-0606, CVE-2011-2130
MD5 | 5fbcd6733c04d9d6fff335b1ba60696d
Secunia Security Advisory 45852
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
MD5 | eac16ef304e8244781266c6afb291c1e
Adobe Acrobat / Reader Image Processing Integer Overflow
Posted Jan 12, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by an integer overflow error when processing malformed image data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file. Versions affected include Adobe Acrobat and Reader X (10.1.1) and prior and Adobe Acrobat and Reader 9.4.7 and prior.

tags | advisory, overflow
MD5 | a1138c96ee87bbca43c200d2a006d871
Red Hat Security Advisory 2012-0011-01
Posted Jan 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0011-01 - Adobe Reader allows users to view and print documents in Portable Document Format. This update fixes two security flaws in Adobe Reader. All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4.7, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-2462, CVE-2011-4369
MD5 | 945a0369b3849a0599a2e9b11a577423
Adobe Reader U3D Memory Corruption
Posted Jan 4, 2012
Authored by jduck, sinn3r, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability in the U3D handling within versions 9.x through 9.4.6 and 10 through to 10.1.1 of Adobe Reader. The vulnerability is due to the use of uninitialized memory. Arbitrary code execution is achieved by embedding specially crafted U3D data into a PDF document. A heap spray via JavaScript is used in order to ensure that the memory used by the invalid pointer issue is controlled.

tags | exploit, arbitrary, javascript, code execution
advisories | CVE-2011-2462, OSVDB-77529
MD5 | 0b78b73d96782aa18205e750b111a977
Technical Cyber Security Alert 2011-350A
Posted Dec 17, 2011
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2011-350A - Adobe has released Security Bulletin APSB11-30, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.

tags | advisory, vulnerability
MD5 | 6ff4243badbab5455e8e172f8676e520
Secunia Security Advisory 47133
Posted Dec 11, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.

tags | advisory
MD5 | 6c61c5658f0773e59006359f90f56991
Red Hat Security Advisory 2011-1801-01
Posted Dec 8, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1801-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. A flaw was found in the way qemu-kvm handled VSC_ATR messages when a guest was configured for a CCID USB smart card reader in passthrough mode. An attacker able to connect to the port on the host being used for such a device could use this flaw to crash the qemu-kvm process on the host or, possibly, escalate their privileges on the host.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-4111
MD5 | ee6abb2d22f6624ee9b2ea95bd05563b
Page 1 of 4
Back1234Next

File Archive:

April 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    60 Files
  • 2
    Apr 2nd
    20 Files
  • 3
    Apr 3rd
    15 Files
  • 4
    Apr 4th
    5 Files
  • 5
    Apr 5th
    5 Files
  • 6
    Apr 6th
    27 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    0 Files
  • 9
    Apr 9th
    0 Files
  • 10
    Apr 10th
    0 Files
  • 11
    Apr 11th
    0 Files
  • 12
    Apr 12th
    0 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close