Posted by Summer of Pwnage on Jul 31
————————————————————————
Stored Cross-Site Scripting vulnerability in Easy Testimonials WordPress
Plugin
————————————————————————
Bente Schopman, July 2016
————————————————————————
Abstract
————————————————————————
Multiple stored Cross-Site Scripting…
Posted by Summer of Pwnage on Jul 31
————————————————————————
Insert PHP WordPress Plugin allows authenticated user to execute
arbitrary PHP
————————————————————————
Marcel Vermeulen <vermeulen.mc.at.gmail.com> & Ed van der Vlies
<ecvdvlies.at.gmail.com>, July 2016
————————————————————————
Abstract…
A remote code execution vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to a use-after-free error in Adobe Acrobat and Reader while handling a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file.
A security bypass vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a specially crafted PDF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted PDF file.
A use after free vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to an error in the way Adobe Acrobat and Reader handles objects in memory. A remote attacker can exploit this vulnerability by enticing the user to open a specially crafted PDF file.
A memory corruption vulnerability exists in Adobe Flash Player. The vulnerability is due to an error in Adobe Flash Player while parsing a specially crafted SWF file. A remote attacker can exploit this issue by enticing a victim to open a specially crafted SWF file.
This vulnerability is an instance of a use after free vulnerability. A constraint for exploitation of this vulnerability is that the memory area of the freed object is reused by another object. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted PDF file.
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to out-of-bounds error while accessing to unintended memory in a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file.
A memory corruption vulnerability exists in Adobe Reader and Acrobat. The vulnerability is due to an error in Adobe Reader and Acrobat while parsing a maliciously crafted PDF file with an embedded malformed JPEG. A remote attacker may exploit this vulnerability by enticing a target user to open a specially crafted file.
A remote code execution vulnerability exists in Adobe Acrobat and Reader. The vulnerability is due to a use-after-free error in Adobe Acrobat and Reader while handling a specially crafted PDF file. A remote attacker can exploit this vulnerability by enticing a target user to open a specially crafted PDF file.