A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.
Category Archives: Checkpoint
Checkpoint
PHP 7 Unserialization Malicious toString Remote Code Execution (CVE-2016-7478)
A Remote Code Execution vulnerability exists in PHP 7. A remote attacker can exploit this vulnerability by sending specially crafted input to the unserialize() function.
Adobe Flash Player Use After Free Code Execution (APSB16-32: CVE-2016-6987; CVE-2016-6987)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.
Adobe Flash Player Memory Corruption (APSB16-32: CVE-2016-4273; CVE-2016-4273)
A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file.
PHP 7 Unserialization Exception Infinite Loop Denial of Service (CVE-2016-7479)
A Denial of Service vulnerability exists in PHP 7. A remote attacker can exploit this vulnerability by sending specially crafted input to the unserialize() function.
Adobe Reader and Acrobat Memory Corruption (APSB16-33: CVE-2016-6960; CVE-2016-6960)
A memory corruption vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error while loading a PDF containing a malicious JavaScript code. A remote attacker may exploit this issue by enticing a target user to open a malicious PDF file with an affected version of Adobe Reader or Acrobat.
PHP 7 Unserialization Hash Table Resize Use After Free
A Use After Free vulnerability exists in PHP 7. A remote attacker can exploit this vulnerability by sending specially crafted input to the unserialize() function.
Adobe Acrobat and Reader Use After Free (APSB16-33: CVE-2016-6946; CVE-2016-6946)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file, potentially leading to to arbitrary code execution.
Microsoft Windows True Type Font Parsing Information Disclosure (MS16-120: CVE-2016-3209; CVE-2016-3209)
An information disclosure vulnerability has been reported in Microsoft Windows. The vulnerability is due to an error in the way the True Type Font (TTF) driver handles objects in memory. A remote attacker could exploit this vulnerability by enticing a target user to open a specially crafted EMF file.
Microsoft Scripting Engine Information Disclosure (MS16-119: CVE-2016-7194; CVE-2016-7194)
A memory corruption vulnerability exists in Microsoft Edge. The vulnerability is due to the way Chakra JavaScript engine renders when handling objects in memory. A remote unauthenticated attacker could exploit this vulnerability by enticing the target user to open a specially crafted web page.