vulndev
Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader
1 min read
Overview Cisco Talos is disclosing eighteen vulnerabilities in Foxit PDF Reader, a popular free program for viewing, creating and editing PDF documents. It is commonly used as an...
Vulnerability Spotlight: TALOS-2018-0523-24 – Multiple Vulnerabilities in Pixar’s Renderman application
1 min read
Talos is disclosing two denial-of-service vulnerabilities in Pixar’s Renderman application. Renderman is a rendering application used in animation and film production. It is widely used for advanced rendering and shading...
Vulnerability Spotlight: TALOS-2018-0535 – Ocularis Recorder VMS_VA Denial of Service Vulnerability
1 min read
Talos is disclosing a denial-of-service vulnerability in the Ocularis Recorder. Ocularis is a video management software (VMS) platform used in a variety of settings, from convenience stores to city-wide deployments....
Vulnerability Spotlight: MySQL Multi-Master Manager Remote Command Injection Vulnerability
1 min read
Today, Talos is releasing details of a new vulnerability within MySQL Multi-Master Manager. This is used to perform monitoring, failover and management of MySQL master-master replication configurations.
Vulnerability Spotlight: TALOS-2018-0529-531 – Multiple Vulnerabilities in NASA CFITSIO library
1 min read
Vulnerabilities discovered by Tyler Bohan from Talos Overview Talos is disclosing three remote code execution vulnerabilities in the NASA CFITSIO library. CFITSIO is a library of C and Fortran subroutines...
Vulnerability Spotlight: Multiple Vulnerabilities in the CPP and Parity Ethereum Client
1 min read
Talos discloses vulnerabilities in CPP and Parity Ethereum clients: a denial of service vulnerability in libevm, plus a permissive cross-domain (CORS) whitelist policy vulnerability in the Ethereum Parity client.
Vulnerability Spotlight: TALOS-2017-0393 / CVE-2017-2886 – ACDSee Ultimate 10 Remote Code Execution Vulnerability
1 min read
Overview Talos has discovered a remote code execution vulnerability in the ACDSee Ultimate 10 application from ACD Systems International Inc. Exploiting this vulnerability can potentially allow an attacker to gain full control over the victim’s machine. If an attacker builds a specially crafted .PSD (Photoshop) file and the victim opens it with the ACDSee Ultimate […]
Vulnerability Spotlight: TALOS-2017-0311,0319,0321 – Multiple Remote Code Execution Vulnerability in Poppler PDF l …
1 min read
Vulnerability discovered by Marcin Noga, Lilith Wyatt and Aleksandar Nikolic of Cisco Talos. Overview Talos has discovered multiple vulnerabilities in the freedesktop.org Poppler PDF library. Exploiting these vulnerabilities can allow an attacker to gain full control over the victim’s machine. If an attacker builds a specially crafted PDF document and the victim opens it, the […]
Deep dive in Lexmark Perceptive Document Filters Exploitation
1 min read
This post authored by Marcin Noga with contributions from Nick Biasini Introduction Talos discovers and releases software vulnerabilities on a regular basis. We don’t always publish a deep technical analysis of how the vulnerability was discovered or its potential impact. This blog will cover these technical aspects including discovery and exploitation. Before we deep dive into […]