Security News

CVE-2018-0489

National Vulnerability Database - Tue, 02/27/2018 - 10:29
Shibboleth XMLTooling-C before 1.6.4, as used in Shibboleth Service Provider before 2.6.1.4 on Windows and other products, mishandles digital signatures of user data, which allows remote attackers to obtain sensitive information or conduct impersonation attacks via crafted XML data. NOTE: this issue exists because of an incomplete fix for CVE-2018-0486.
Categories: Security News

CVE-2018-7172

National Vulnerability Database - Tue, 02/27/2018 - 10:29
In index.php in WonderCMS 2.4.0, remote attackers can delete arbitrary files via directory traversal.
Categories: Security News

Bugtraq: ES2018-04 Asterisk pjsip tcp segfault

SecurityFocus Vulnerabilities - Tue, 02/27/2018 - 02:20
ES2018-04 Asterisk pjsip tcp segfault
Categories: Security News

Bugtraq: ES2018-03 Asterisk pjsip sdp invalid media format description segfault

SecurityFocus Vulnerabilities - Tue, 02/27/2018 - 02:20
ES2018-03 Asterisk pjsip sdp invalid media format description segfault
Categories: Security News

Bugtraq: ES2018-02 Asterisk pjsip sdp invalid fmtp segfault

SecurityFocus Vulnerabilities - Tue, 02/27/2018 - 02:20
ES2018-02 Asterisk pjsip sdp invalid fmtp segfault
Categories: Security News

Bugtraq: ES2018-01 Asterisk pjsip subscribe stack corruption

SecurityFocus Vulnerabilities - Tue, 02/27/2018 - 02:20
ES2018-01 Asterisk pjsip subscribe stack corruption
Categories: Security News

CVE-2017-18202

National Vulnerability Database - Tue, 02/27/2018 - 01:29
The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service (TLB entry leak or use-after-free) or possibly have unspecified other impact by triggering a copy_to_user call within a certain time window.
Categories: Security News

CVE-2018-4910

National Vulnerability Database - Tue, 02/27/2018 - 00:29
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a heap overflow vulnerability in the JavaScript engine. The vulnerability is triggered by a PDF file with crafted JavaScript code that manipulates the optional content group (OCG). A successful attack can lead to code corruption, control-flow hijack, or a code re-use attack.
Categories: Security News

CVE-2018-4911

National Vulnerability Database - Tue, 02/27/2018 - 00:29
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JavaScript API related to bookmark functionality. The vulnerability is triggered by crafted JavaScript code embedded within a PDF file. A successful attack can lead to code corruption, control-flow hijack, or a code re-use attack.
Categories: Security News

CVE-2018-4912

National Vulnerability Database - Tue, 02/27/2018 - 00:29
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion module that handles JPEG 2000 data. A successful attack can lead to sensitive data exposure.
Categories: Security News

CVE-2018-4913

National Vulnerability Database - Tue, 02/27/2018 - 00:29
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the XFA engine, related to DOM manipulation. The vulnerability is triggered by crafted XFA script definitions in a PDF file. Successful exploitation could lead to arbitrary code execution.
Categories: Security News

CVE-2018-4914

National Vulnerability Database - Tue, 02/27/2018 - 00:29
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the TIFF processing in the XPS engine. A successful attack can lead to sensitive data exposure.
Categories: Security News

CVE-2018-4915

National Vulnerability Database - Tue, 02/27/2018 - 00:29
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the JavaScript API related to color conversion. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.
Categories: Security News

CVE-2018-4916

National Vulnerability Database - Tue, 02/27/2018 - 00:29
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the image conversion module that handless TIFF data. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.
Categories: Security News

CVE-2018-4891

National Vulnerability Database - Tue, 02/27/2018 - 00:29
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the XPS module that handles TIFF data. A successful attack can lead to sensitive data exposure.
Categories: Security News

CVE-2018-4892

National Vulnerability Database - Tue, 02/27/2018 - 00:29
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JBIG2 decoder. The vulnerability is triggered by a crafted PDF file that contains a malformed JBIG2 stream. Successful exploitation could lead to arbitrary code execution.
Categories: Security News

CVE-2018-4893

National Vulnerability Database - Tue, 02/27/2018 - 00:29
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of XPS font processing. A successful attack can lead to sensitive data exposure.
Categories: Security News

CVE-2018-4894

National Vulnerability Database - Tue, 02/27/2018 - 00:29
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the XPS font processing. A successful attack can lead to sensitive data exposure.
Categories: Security News

CVE-2018-4895

National Vulnerability Database - Tue, 02/27/2018 - 00:29
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the image conversion engine when processing Enhanced Metafile Format Plus (EMF+) data. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code.
Categories: Security News

CVE-2018-4896

National Vulnerability Database - Tue, 02/27/2018 - 00:29
An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion module that handles Enhanced Metafile Format Plus (EMF+) data. A successful attack can lead to sensitive data exposure.
Categories: Security News

Pages