iDEFENSE has reported a vulnerability in Adobe Acrobat Reader, which can be exploited by malicious people to compromise a user’s system. The vulnerability is caused due to a boundary error in the “mailListIsPdf()” function when checking input files. This can be exploited to cause a buffer overflow by e.g. sending an e-mail with a malicious PDF document attached or a link to one. Successful exploitation allows execution of arbitr… read more »
June 9th, 2007 in
Bugtraq Source:
newsnow.co.uk
Security company eEye Digital Security, which found the bugs, gave them its highest security threat rating because they enable remote code execution.Yahoo is working on a patch for critical Yahoo Messenger vulnerabilities that could enable a remote hacker to take control of a user’s system. Researchers at eEye Digital Security found the bugs within the last few weeks and reported them to Yahoo on Wednesday, according to Marc Maiffret, co-fo… read more »
June 7th, 2007 in
Bugtraq Source:
securinfos.info
Visiting a malicious website may lead to the disclosure of sensitive information. A design issue exists in QuickTime for Java, which may allow a web browser’s memory to be read by a Java applet. By enticing a user to visit a web page containing a maliciously crafted Java applet, an attacker can trigger the issue which may lead to the disclosure of sensitive information. This update addresses the issue by clearing memory before allowing it t… read more »
May 30th, 2007 in
Bugtraq Source:
securinfos.info
