A remote code execution vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to a use-after-free error in Adobe Acrobat and Reader while handling a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file.
Category Archives: Checkpoint
Checkpoint
Snort Back Orifice BOPing – ver 2 (CVE-1999-0660)
BOPing is a network scanner for computers where the Back Orifice remote administration program is installed. Use of this scanner might be a preliminary step before attempting to take control over the system using the Back Orifice program.This protection detects and blocks use of the BOPing scanner.
Adobe Acrobat and Reader Use After Free (APSB16-14: CVE-2016-1055; CVE-2016-1055)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file.
Microsoft Windows Graphics Component Remote Code Execution (MS16-097: CVE-2016-3304; CVE-2016-3304)
A remote code execution vulnerability exists in Microsoft Graphics Component. The vulnerability is due to the way Microsoft Windows improperly handles specially crafted EMF files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted EMF files.
Microsoft Internet Explorer Memory Corruption (MS16-095: CVE-2016-3293; CVE-2016-3293)
A use after free vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to handling certain objects in JavaScript. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could allow attackers to execute code on the target system.
Microsoft Internet Explorer Memory Corruption (MS16-095: CVE-2016-3289; CVE-2016-3289)
A use after free vulnerability was discovered within Microsoft Internet Explorer. The root cause comes from dll file triggering a use after free condition. A successful exploitation of this issue could allow an attacker to execute arbitrary code on the remote system.
Microsoft Internet Explorer Memory Corruption (MS16-095: CVE-2016-3322; CVE-2016-3322)
A use after free vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to the mishandling of cached objects in complex webpages. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could allow attackers to execute code on the target system.
Microsoft Internet Explorer Information Disclosure (MS16-095: CVE-2016-3327; CVE-2016-3327)
An information disclosure vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer improperly handles objects in memory. A remote attacker can exploit this issue by enticing a user to open a specially crafted swf file with an affected version of Internet Explorer.
Adobe Acrobat and Reader Use After Free (APSB16-14: CVE-2016-1054; CVE-2016-1054)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file.
Apache ActiveMQ Fileserver Multi Methods Directory Traversal (CVE-2016-3088)
A directory traversal vulnerability exists in Apache ActiveMQ. The vulnerability is due to insufficient input validation in the destination header when processing a MOVE request or in the file upload functionality when processing a PUT request. A remote, unauthenticated attacker may exploit this vulnerability by sending a file with a PUT request, followed by a crafted MOVE request to the server or by sending a malicious file using a crafted PUT request to replace executable components of ActiveMQ.