A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file.
Category Archives: Checkpoint
Checkpoint
Adobe Flash Player Heap Buffer Overflow (APSB17-04: CVE-2017-2992)
A heap buffer overflow vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted mp4 file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file.
Adobe Flash Player Use After Free Code Execution (APSB17-04: CVE-2017-2985)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.
Adobe Flash Player Use After Free Code Execution (APSB17-04: CVE-2017-2982)
A remote code execution vulnerability exists in Adobe Flash Player. The vulnerability is due to a use-after-free error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.
Adobe Flash Player Type Confusion (APSB17-04: CVE-2017-2995)
A type confusion vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while handling a specially crafted SWF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted SWF file with an affected version of Flash Player.
Adobe Flash Player Memory Corruption (APSB17-04: CVE-2017-2991)
A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in h264 codec while parsing a specially crafted mp4 file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted file.
Trane comfort Link II DSS services handling remote code execution (CVE-2015-2868)
An exploitable remote code execution vulnerability exists in the Trane ComfortLink II DSS service. An attacker who can connect to the DSS service on the Trane ComfortLink II device can send an overly long request that can overflow a fixed size stack buffer, resulting in arbitrary code execution.
Adobe Acrobat and Reader Heap Overflow (APSB17-01: CVE-2017-2959)
A heap overflow vulnerability exists in Adobe Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker could trigger this issue via a specially crafted JPG file.
F5 Multiple Products iControl iCall Script Privilege Escalation (CVE-2015-3628)
A privilege escalation vulnerability exists in the iControl API in multiple F5 products. The vulnerability is due to insufficient validation of iCall scripts in incomming SOAP requests. A remote, authenticated attacker can exploit this vulnerability by sending malicious SOAP requests to the server.
Adobe Acrobat and Reader Memory Corruption (APSB17-01: CVE-2017-2960)
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in the image conversion engine, related to parsing of EXIF metadata. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file.