An attacker could leverage this vulnerability to execute arbitrary code.Ī stack-based buffer overflow vulnerability in Advantech WebAccess Versions 9.02 and prior caused by a lack of proper validation of the length of user-supplied data may allow remote code execution.ĭelta Electronic DOPSoft 2 (Version 2.00.07 and prior) lacks proper validation of user-supplied data when parsing specific project files. It allows an attacker to cause code Execution.įATEK Automation Communication Server Versions 1.13 and prior lacks proper validation of user-supplied data, which could result in a stack-based buffer overflow condition and allow an attacker to remotely execute code.įATEK Automation WinProladder versions 3.30 and prior proper validation of user-supplied data when parsing project files, which could result in a stack-based buffer overflow. A stack-buffer-overflow exists in the function Analyze::AnalyzePages() located in analyze.cpp. It allows an attacker to cause code Execution.Īn issue was discovered in pdftools through 20200714. A stack-buffer-overflow exists in the function VectorGraphicOutputDev::drawGeneralImage() located in. It allows an attacker to cause code Execution.Īn issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function Gfx::opSetFillColorN() located in Gfx.cc. A heap-buffer-overflow exists in the function swf_DumpActions() located in swfaction.c. A heap-buffer-overflow exists in the function OpAdvance() located in swfaction.c. A heap-buffer-overflow exists in the function pool_read() located in pool.c. A heap-buffer-overflow exists in the function main() located in swfdump.c. A heap-buffer-overflow exists in the function string_hash() located in q.c. A heap-buffer-overflow exists in the function swf_GetPlaceObject() located in swfobject.c. A stack-buffer-overflow exists in the function rfx_alloc() located in mem.c. User interaction is required to exploit this vulnerability.Īn issue was discovered in swftools through 20200710. svg file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.Īdobe svg-native-viewer 8182d14dfad5d1e10f53ed830328d7d9a3cfa96d and earlier versions are affected by a heap buffer overflow vulnerability due to insecure handling of a malicious. XMP Toolkit SDK version 2020.1 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user.
Exploitation of this issue requires user interaction in that a victim must open a malicious file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user.
Exploitation of this issue requires user interaction in that a victim must open a malicious file.Īcrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted PDF file. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.Īdobe Photoshop versions 21.2.11 (and earlier) and 22.5 (and earlier) are affected by a Buffer Overflow vulnerability when parsing a specially crafted SVG file. A stack-based buffer overflow vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security 10.0 SP1 could allow a local attacker to escalate privileges on affected installations.