A Heap Overflow vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file.

A heap overflow vulnerability exists in Adobe Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker could trigger this issue via a specially crafted TIFF file.

A heap overflow vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error while parsing a corrupted PDF file containing an XSL stylesheet. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file.

An out-of-bounds read vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to improper handling of JPEG2000 images, and could be used to gain sensitive information that may help in further attacks. A remote attacker could exploit this vulnerability by enticing a user to open a maliciously crafted webpage or PDF document.

FreePBX is an open source software implementation of a telephone Private Branch eXchange (PBX). A code execution vulnerability exists in FreePBX software. Remote attacker can exploit this vulnerability to inject arbitrary PHP functions and commands.

This module exploits a PHP object injection vulnerability. Tuelap could be abused to allow authenticated users to execute arbitrary code with the permissions of the web server. This could lead to execute PHP code on the server.

An arbitrary file upload vulnerability exists in 3CX VoIP Phone System Manager. The vulnerability is due to failure to restrict file uploads in VAD_Deploy.aspx. A remote unauthenticated attacker can exploit this vulnerability by sending maliciously crafted requests to the target server.

An Out-of-Bounds-Write vulnerability exists in Microsoft Word. The vulnerability is due to a failure of Office software to properly handle objects in memory. Successful exploitation of this issue could grant an attacker remote code execution.

An information disclosure vulnerability exists in Microsoft Windows regarding bowser.sys . A local attacker could exploit this vulnerability by running a specially crafted malicious executable file. Successful exploitation of this vulnerability could lead to information disclosure.

An out-of-bounds write vulnerability has been discovered in OpenJPEG. The vulnerability is due to a lack of validation on the index values of MCC markers when parsing maliciously crafted JPEG2000 image files. A remote attacker could exploit this vulnerability by enticing a user to open a malicious JPEG file with a vulnerable application. Successful exploitation would result in execution of arbitrary attacker code in the security context of the target user.