exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

Foxit PDF Reader 11.0 Unquoted Service Path
Posted Mar 7, 2022
Authored by Hejap Zairy

Foxit PDF Reader version 11.0 suffers from an unquoted service path vulnerability.

tags | exploit
SHA-256 | e960ef66e4b747d6f9a4cfdcc7b0f2af4a177caa7d262118d388ef0e31b50512

Related Files

Secunia Security Advisory 50290
Posted Aug 16, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Some vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | c54216312e8a1c614c987aa7867e162c73407e99718aaab381cde6c9f03c31ed
Secunia Security Advisory 50281
Posted Aug 14, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 12cc9c82d1a759e826a34c897eecd35f6dc0ec6fcc84301e9699f4c77ebdbc82
OpenLimit Reader Vulnerable Components
Posted Jun 26, 2012
Authored by Stefan Kanthak

OpenLimit reader, an application aimed to provide security by validating X.509 signatures and signing PDFs inside Adobe Reader, contains completely outdated, superfluous and vulnerable components, which comprise 40% of the whole installation package.

tags | advisory
SHA-256 | 4cc2e247a5f3aaa21b4f53170afeda08847ab6f3934f5cbbdf9af600f6da8c02
Slim PDF Reader 1.0 Memory Corruption
Posted Jun 25, 2012
Authored by Carlos Mario Penagos Hollmann

Slim PDF Reader version 1.0 suffers from a denial of service vulnerability.

tags | exploit, denial of service
advisories | CVE-2011-4220
SHA-256 | d1ffdeb69b179bf453e9df13d5f38f2ea80e5975170ad4c9dfbaf90077a7117b
Gentoo Linux Security Advisory 201206-14
Posted Jun 22, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201206-14 - Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks. Versions less than 9.5.1 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2011-4370, CVE-2011-4371, CVE-2011-4372, CVE-2011-4373, CVE-2012-0774, CVE-2012-0775, CVE-2012-0776, CVE-2012-0777
SHA-256 | 59faf1ae8b9f400e9098e2c922873ec9097d3782e6a02c5ac0d7feba5e2fa005
Secunia Security Advisory 49349
Posted Jun 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - AppSec has reported a vulnerability with an unknown impact in NetEase Reader for Android.

tags | advisory
SHA-256 | a3f4d5e645ad7c9812eb4248adede983fab29f74cbe1d4ca2846df3f12b1c084
Breaking The Crypt
Posted May 31, 2012
Authored by Sudeep Singh

The purpose of this paper is to make the reader aware of various Hash Cracking Techniques ranging from Basic to Advanced. The intended audience for this paper is those who have a basic understanding of hash cracking and password hashing algorithms.

tags | paper
SHA-256 | 6c41eb42dce76b95d64a452addb5a968a83f179dde367f0854ad7f166b86b909
Foxit Reader 3.0 Open Execute Action Stack Based Buffer Overflow
Posted May 22, 2012
Authored by bannedit, Francisco Falcon | Site metasploit.com

This Metasploit module exploits a buffer overflow in Foxit Reader 3.0 builds 1301 and earlier. Due to the way Foxit Reader handles the input from an "Launch" action, it is possible to cause a stack-based buffer overflow, allowing an attacker to gain arbitrary code execution under the context of the user.

tags | exploit, overflow, arbitrary, code execution
advisories | OSVDB-55614
SHA-256 | 009165bbb7f39c130705ca1779b5bf21f2c3fd6f324d13329ecce60c590e0dcc
Universal Reader 1.16.740.0 Denial Of Service
Posted May 14, 2012
Authored by demonalex

Universal Reader version 1.16.740.0 suffers from a filename related denial of service vulnerability.

tags | exploit, denial of service
SHA-256 | 9fc1288cb87d2f76ded479085c5724fe535048050588dd20e82a0d94fc86bbcf
Mobipocket Reader 6.2 Build 608 Buffer Overflow
Posted Apr 23, 2012
Authored by shinnai | Site shinnai.altervista.org

Mobipocket Reader version 6.2 build 608 suffers from a buffer overflow vulnerability. Proof of concept included.

tags | exploit, overflow, proof of concept
SHA-256 | 956ac848bb2710f1365550adfff0b8787d1dfb621595612c0d1b192087b80cb7
Technical Cyber Security Alert 2012-101B
Posted Apr 11, 2012
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2012-101B - Adobe has released Security Bulletin APSB12-08, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat. As part of this update, Adobe Reader and Acrobat 9.x will use the system-wide Flash Player browser plug-in instead of the Authplay component. In addition, Reader and Acrobat now disable the rendering of 3D content by default.

tags | advisory, vulnerability
SHA-256 | 7b6efa396060be88ab58d1b9ba817b6174c0d8cac6c5b6a361ff1c72175a2467
Red Hat Security Advisory 2012-0469-01
Posted Apr 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0469-01 - Adobe Reader allows users to view and print documents in Portable Document Format. This update fixes multiple security flaws in Adobe Reader. These flaws are detailed on the Adobe security page APSB12-08, listed in the References section. A specially-crafted PDF file could cause Adobe Reader to crash or, potentially, execute arbitrary code as the user running Adobe Reader when opened. All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.5.1, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.

tags | advisory, arbitrary
systems | linux, redhat
advisories | CVE-2012-0774, CVE-2012-0775, CVE-2012-0777
SHA-256 | c341c5397d6898dd8e367ea7d2edae47c08423d0ec1dda6322251c22228ed4ee
Secunia Security Advisory 48733
Posted Apr 11, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, gain knowledge of potentially sensitive information, and compromise a user's system.

tags | advisory, vulnerability, xss
SHA-256 | 22304ba7c1a6e7b1206a3acc050aeb70179433422e80d9f9768a57ee6ea68584
Adobe Flash Player Matrix3D Remote Memory Corruption
Posted Mar 20, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by a memory corruption error within the Matrix3D class when processing malformed 3D data within SWF files, which could be exploited by attackers to potentially compromise a vulnerable system or disclose memory information by tricking a user into visiting a specially crafted web page. Adobe Flash Player versions 11.1.102.62 and below are affected.

tags | advisory, web
advisories | CVE-2012-0768
SHA-256 | cd2efadbb305725a418111b28128ed5c65004213052f530f752893ddaadc11f6
Red Hat Security Advisory 2012-0302-03
Posted Feb 21, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0302-03 - The Common UNIX Printing System provides a portable printing layer for Linux, UNIX, and similar operating systems. A heap-based buffer overflow flaw was found in the Lempel-Ziv-Welch decompression algorithm implementation used by the CUPS GIF image format reader. An attacker could create a malicious GIF image file that, when printed, could possibly cause CUPS to crash or, potentially, execute arbitrary code with the privileges of the "lp" user.

tags | advisory, overflow, arbitrary
systems | linux, redhat, unix
advisories | CVE-2011-2896
SHA-256 | f2434d92ff30870a69af386c20081fbeddc541a129b82ec961a7d31841e912d8
Zero Day Initiative Advisory 12-021
Posted Feb 8, 2012
Authored by Tipping Point | Site zerodayinitiative.com

Zero Day Initiative Advisory 12-021 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within 2d.x3d, which is Adobe Reader's code responsible for processing BMP files. When passing a negative size parameter in the 'colors' field, a series of signed comparisons will be averted, and the overly large size parameter is passed to a memcpy(). This will cause a heap-based buffer overflow, allowing an attacker to execute code under the context of the user.

tags | advisory, remote, overflow, arbitrary
advisories | CVE-2011-4373
SHA-256 | 24f0d26f31e6c8fcf24c50cab38a6f9c749dcbe2a5ff797f47cc95f3469fc940
Cryptanalysis Of INCrypt32 In HID's iCLASS Systems
Posted Feb 7, 2012
Authored by Daewan Han, Dong Hoon Lee, ChangKyun Kim, Chang-Ho Jung, Eun-Gu Jung

The cryptographic algorithm called INCrypt32 is a MAC algorithm to authenticate participants, RFID cards and readers, in HID Global's iCLASS systems. HID's iCLASS cards are widely used contactless smart cards for physical access control. Although INCrypt32 is a heart of the security of HID's iCLASS systems, its security has not been evaluated yet since the specification has not been open to public. In this paper, they reveal the specification of INCrypt32 by reverse engineering an iCLASS card and investigate the security of INCrypt32. As a result, we show that the secret key of size 64 bits can be recovered using only 218 MAC queries if the attacker can request MAC for chosen messages of arbitrary length. If the length of messages is limited to pre-determined values by the authentication protocol, the required number of MAC queries grows to 242 to recover the secret key.

tags | paper, arbitrary, crypto, protocol
SHA-256 | cb8784c8a30a60fd5be4ccee3a92361bbb9b0c25e831d60269f418117ec0e6b6
Gentoo Linux Security Advisory 201201-19
Posted Jan 31, 2012
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201201-19 - Multiple vulnerabilities in Adobe Reader might allow remote attackers to execute arbitrary code or conduct various other attacks. Versions less than 9.4.7 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2010-4091, CVE-2011-0562, CVE-2011-0563, CVE-2011-0565, CVE-2011-0566, CVE-2011-0567, CVE-2011-0570, CVE-2011-0585, CVE-2011-0586, CVE-2011-0587, CVE-2011-0588, CVE-2011-0589, CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0594, CVE-2011-0595, CVE-2011-0596, CVE-2011-0598, CVE-2011-0599, CVE-2011-0600, CVE-2011-0602, CVE-2011-0603, CVE-2011-0604, CVE-2011-0605, CVE-2011-0606, CVE-2011-2130
SHA-256 | baad128edffc63cf96f6415bcd8ed20845d4c2166743c0cf07a2e6869a63d515
Secunia Security Advisory 45852
Posted Jan 13, 2012
Authored by Secunia | Site secunia.com

Secunia Security Advisory - Multiple vulnerabilities have been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.

tags | advisory, vulnerability
SHA-256 | 9c0822785fc67e26efb8775672c06e58ca4ae2f270e9aa218b6cb388af81f732
Adobe Acrobat / Reader Image Processing Integer Overflow
Posted Jan 12, 2012
Authored by Nicolas Joly, VUPEN | Site vupen.com

VUPEN Vulnerability Research Team discovered a critical vulnerability in Adobe Acrobat and Reader. The vulnerability is caused by an integer overflow error when processing malformed image data within a PDF document, which could be exploited by attackers to compromise a vulnerable system by tricking a user into opening a specially crafted PDF file. Versions affected include Adobe Acrobat and Reader X (10.1.1) and prior and Adobe Acrobat and Reader 9.4.7 and prior.

tags | advisory, overflow
SHA-256 | c94c13dce309f884bd280837f2c98fd26f4a3b8efdb37192552ad693c35c02fe
Red Hat Security Advisory 2012-0011-01
Posted Jan 11, 2012
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2012-0011-01 - Adobe Reader allows users to view and print documents in Portable Document Format. This update fixes two security flaws in Adobe Reader. All Adobe Reader users should install these updated packages. They contain Adobe Reader version 9.4.7, which is not vulnerable to these issues. All running instances of Adobe Reader must be restarted for the update to take effect.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-2462, CVE-2011-4369
SHA-256 | 0e0748d35296ccc43f5ab63bf2c3fd23ea3d8079e013538c983a3adfd992bdcd
Adobe Reader U3D Memory Corruption
Posted Jan 4, 2012
Authored by jduck, sinn3r, juan vazquez | Site metasploit.com

This Metasploit module exploits a vulnerability in the U3D handling within versions 9.x through 9.4.6 and 10 through to 10.1.1 of Adobe Reader. The vulnerability is due to the use of uninitialized memory. Arbitrary code execution is achieved by embedding specially crafted U3D data into a PDF document. A heap spray via JavaScript is used in order to ensure that the memory used by the invalid pointer issue is controlled.

tags | exploit, arbitrary, javascript, code execution
advisories | CVE-2011-2462, OSVDB-77529
SHA-256 | 958220f3112687e60ccfaeeb8830223cf29aa4ac4c24d29d128ae6cc845d5953
Technical Cyber Security Alert 2011-350A
Posted Dec 17, 2011
Authored by US-CERT | Site us-cert.gov

Technical Cyber Security Alert 2011-350A - Adobe has released Security Bulletin APSB11-30, which describes multiple vulnerabilities affecting Adobe Reader and Acrobat.

tags | advisory, vulnerability
SHA-256 | 57c972dbc20a2cbc05e3874aad945fe23420ee3235884f90214c8226e7040376
Secunia Security Advisory 47133
Posted Dec 11, 2011
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in Adobe Reader and Adobe Acrobat, which can be exploited by malicious people to compromise a user's system.

tags | advisory
SHA-256 | 25da7e7b9ee9ca14278785722a672514eaf87c6b26cbab853b47dd73f014550c
Red Hat Security Advisory 2011-1801-01
Posted Dec 8, 2011
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2011-1801-01 - KVM is a full virtualization solution for Linux on AMD64 and Intel 64 systems. qemu-kvm is the user-space component for running virtual machines using KVM. A flaw was found in the way qemu-kvm handled VSC_ATR messages when a guest was configured for a CCID USB smart card reader in passthrough mode. An attacker able to connect to the port on the host being used for such a device could use this flaw to crash the qemu-kvm process on the host or, possibly, escalate their privileges on the host.

tags | advisory
systems | linux, redhat
advisories | CVE-2011-4111
SHA-256 | f08148ae167c0768b601225b0105f767e9cb21cde5993cc3bc42b1cd64876d00
Page 1 of 4
Back1234Next

File Archive:

September 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    23 Files
  • 2
    Sep 2nd
    12 Files
  • 3
    Sep 3rd
    0 Files
  • 4
    Sep 4th
    0 Files
  • 5
    Sep 5th
    10 Files
  • 6
    Sep 6th
    8 Files
  • 7
    Sep 7th
    30 Files
  • 8
    Sep 8th
    14 Files
  • 9
    Sep 9th
    26 Files
  • 10
    Sep 10th
    0 Files
  • 11
    Sep 11th
    0 Files
  • 12
    Sep 12th
    5 Files
  • 13
    Sep 13th
    28 Files
  • 14
    Sep 14th
    15 Files
  • 15
    Sep 15th
    17 Files
  • 16
    Sep 16th
    9 Files
  • 17
    Sep 17th
    0 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    12 Files
  • 20
    Sep 20th
    15 Files
  • 21
    Sep 21st
    20 Files
  • 22
    Sep 22nd
    13 Files
  • 23
    Sep 23rd
    12 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    30 Files
  • 27
    Sep 27th
    27 Files
  • 28
    Sep 28th
    8 Files
  • 29
    Sep 29th
    14 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close