This module exploits a buffer overflow vulnerability in the Ghostscript software included in most Linux distributions. The vulnerability is caused by a buffer overflow in the ICC parser at the zseticcspace function in zicc.c in Ghostscript 8.61 and earlier. The exploit is triggered when an unsuspecting user opens a specially crafted file distributed via an email.
This module exploits a stack-based buffer overflow vulnerability in the PostScript processor included in GNOME Evince. The vulnerability is caused by the get_next_text() function not properly validating overly long fields in aPostScript file. The exploit is triggered when an unsuspecting user opens a specially crafted file distributed via an email.
The ExceptionDelegator component of the XWork framework, part of the Apache Struts 2 web framework, as shipped with Atlassian FishEye, interprets parameters values as OGNL expressions when handling a type conversion error. This can be exploited to execute arbitrary code on the vulnerable server by tricking a logged-in user with administrator privileges within the FishEye site to visit a specially crafted web page.
This module exploits a vulnerability in Adobe Reader and Adobe Acrobat Professional .PDF files. The vulnerability is caused due to boundary errors in the customdictionaryopen() method in Javascript api. This can be exploited to cause a stack overflow when a specially crafted PDF file is opened. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site.
This module exploits a command injection in Adobe Flash Player triggered when processing a specially crafted SWF file. This module runs a malicious web site on the Core Impact Console and waits for an unsuspecting user to trigger the exploit by connecting to the web site. This exploit works only with Adoble flash player for Linux V 10.0.12.36 (Flash player 9 is not supported).
Subscribe to Linux