An invalid read vulnerability has been identified in Foxit PDF Reader (version 1.0.1.0925 for Linux 64-bit). It can be triggered by opening a specially crafted PDF file. The vulnerability leads to a segmentation fault, resulting in a crash.
The vulnerability occurs in Foxit PDF Reader version 1.0.1.0925 for Linux 64-bit when a specially crafted PDF file is opened. The crash is triggered by an out-of-bounds read in the CPDF_DIBSource::TranslateScanline24bpp function. This can be exploited by an attacker to execute arbitrary code or cause a denial of service.
A memory corruption vulnerability has been identified in Foxit PDF Reader. This vulnerability can be exploited by opening a specially crafted PDF file. The issue occurs when the application is started with specific environment variables. An excerpt from the crash log suggests that the issue is related to a free() function call with an invalid pointer.
The vulnerability allows an attacker to include a remote file on the victim's server, potentially leading to remote code execution.
The vulnerability is present in the isql_main.c file of iSQL(RL) 1.0. The strcpy function at line 453 is vulnerable as it does not check the size of the 'str' variable before copying it into 'cmd'. This can lead to a buffer overflow.
The exploit allows an attacker to execute arbitrary code on a target system by creating a malicious .m3u file. This can be used to take control of the affected system and potentially gain unauthorized access. The exploit takes advantage of a buffer overflow vulnerability in the Easy RM to MP3 Converter software.
This exploit targets a remote buffer overflow vulnerability in the ATNBaseLoader100.dll module, version 5.4.0.6. It can be triggered by passing 272 characters to the Send485CMD method, causing the EIP to be overwritten. The SetLoginID, AddSite, SetScreen, and SetVideoServer methods are also vulnerable to less convenient overflows or seh overwrite.
In IOAccelContext2::clientMemoryForType the lock_busy/unlock_busy should be extended to cover all the code setting up shared memory type 2. At the moment the lock doesn't protect two threads racing where one reaches the release at +0x56AD (outside the lock) while the other is still using those raw pages via the raw pointer at IOAccelContext+0x610 inside the locked region.
The closeClient() method in IOAudioEngineUserClient class sets the audioEngine member pointer to NULL. However, the safeRegisterClientBuffer method uses the audioEngine pointer without checking if it's NULL. This can lead to a NULL pointer dereference vulnerability. By calling the getStreamForID method, which calls a virtual function on a member, an attacker can control the RIP register.
The FlaP v.1.0. Beta application is vulnerable to remote file inclusion, allowing an attacker to include and execute arbitrary files on the server. This vulnerability can be exploited by providing a malicious file path as a parameter in the affected PHP files (skin/html/table.php and login.php). The vulnerable code snippets in these files use the 'include' function to include the specified file without proper sanitization or validation.
Services By CQR