A remote code execution vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to a use-after-free error in Adobe Acrobat and Reader while handling a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file.
Category Archives: Checkpoint
Checkpoint
Adobe Acrobat and Reader Memory Corruption (APSB16-14: CVE-2016-1064; CVE-2016-1064)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a corrupted file. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file.
Adobe Acrobat Reader XFA FormCalc replace Integer Overflow (CVE-2016-1043)
An integer overflow vulnerability exists in Adobe Acrobat Reader. The vulnerability is due to improper validation of the parameters for a certain function. A remote attacker could exploit this vulnerability by enticing a user to open a maliciously crafted document. Successful exploitation of the vulnerability can possibly lead to remote code execution.
Adobe Acrobat and Reader Use After Free (APSB16-14: CVE-2016-1056; CVE-2016-1056)
A remote code execution vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to a use-after-free error in Adobe Acrobat and Reader while handling a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file.
Adobe Acrobat and Reader JPEG codec Memory Corruption (APSB16-14: CVE-2016-1063; CVE-2016-1063)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a maliciously crafted PDF file with an embedded malformed JPEG. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file.
Adobe Reader Memory Corruption (APSB16-26: CVE-2016-4204; CVE-2016-4204)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing to unintended memory in a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file.
Adobe Acrobat and Reader Memory Corruption (APSB14-15: CVE-2016-1067; CVE-2016-1067; CVE-2016-1068; CVE-2016-1069)
This vulnerability is an instance of a use after free vulnerability. A constraint for exploitation of this vulnerability is that the memory area of the freed object is reused by another object. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file.
Apache Struts URLValidator Denial of Service (CVE-2016-4465)
A denial of service vulnerability exists in Apache Struts URLValidator. The vulnerability is due to insufficient validation of crafted URLs by the URLValidator. A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted HTTP request to a Struts 2 application. Successful attack can result in a denial of service condition.
WordPress Download Manager Plugin Remote Command Execution
A Remote command execution vulnerability exists in WordPress Download Manager Plugin. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary commands on the affected system.
Adobe Flash Player Use After Free Code Execution (APSB16-25: CVE-2016-4248; CVE-2016-4248)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.