A remote code execution vulnerability exists in Microsoft Graphics Component. The vulnerability is due to the way Microsoft Windows improperly handles specially crafted EMF files. A remote attacker can exploit this issue by enticing a victim to open a specially crafted EMF files.
Category Archives: Checkpoint
Checkpoint
Microsoft Internet Explorer Memory Corruption (MS16-095: CVE-2016-3293; CVE-2016-3293)
A use after free vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to handling certain objects in JavaScript. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could allow attackers to execute code on the target system.
Microsoft Internet Explorer Memory Corruption (MS16-095: CVE-2016-3289; CVE-2016-3289)
A use after free vulnerability was discovered within Microsoft Internet Explorer. The root cause comes from dll file triggering a use after free condition. A successful exploitation of this issue could allow an attacker to execute arbitrary code on the remote system.
Microsoft Internet Explorer Memory Corruption (MS16-095: CVE-2016-3322; CVE-2016-3322)
A use after free vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to the mishandling of cached objects in complex webpages. A remote attacker can exploit this issue by enticing a target victim to open a specially crafted web page that could allow attackers to execute code on the target system.
Microsoft Internet Explorer Information Disclosure (MS16-095: CVE-2016-3327; CVE-2016-3327)
An information disclosure vulnerability exists in Microsoft Internet Explorer. The vulnerability is due to the way Internet Explorer improperly handles objects in memory. A remote attacker can exploit this issue by enticing a user to open a specially crafted swf file with an affected version of Internet Explorer.
Adobe Acrobat and Reader Use After Free (APSB16-14: CVE-2016-1054; CVE-2016-1054)
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file.
Apache ActiveMQ Fileserver Multi Methods Directory Traversal (CVE-2016-3088)
A directory traversal vulnerability exists in Apache ActiveMQ. The vulnerability is due to insufficient input validation in the destination header when processing a MOVE request or in the file upload functionality when processing a PUT request. A remote, unauthenticated attacker may exploit this vulnerability by sending a file with a PUT request, followed by a crafted MOVE request to the server or by sending a malicious file using a crafted PUT request to replace executable components of ActiveMQ.
Adobe Acrobat and Reader Use After Free (APSB16-14: CVE-2016-1056; CVE-2016-1056)
A remote code execution vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to a use-after-free error in Adobe Acrobat and Reader while handling a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file.
Adobe Acrobat and Reader JPEG codec Memory Corruption (APSB16-14: CVE-2016-1063; CVE-2016-1063)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a maliciously crafted PDF file with an embedded malformed JPEG. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file.
Adobe Reader Memory Corruption (APSB16-26: CVE-2016-4204; CVE-2016-4204)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing to unintended memory in a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file.