Vulnerability Spotlight: Multiple Issues in Foxit PDF Reader
Overview Cisco Talos is disclosing eightteen vulnerabilities in Foxit PDF Reader, a popular free program for viewing, creating and editing PDF documents. It is commonly used as an...
Vulnerability Spotlight: TALOS-2018-0523-24 – Multiple Vulnerabilities in Pixars Renderman application
Talos is disclosing two denial-of-ervice vulnerabilities in Pixar’s Renderman application. Renderman is a rendering application used in animation and film production. It is widely used for advanced rendering and shading...
Vulnerability Spotlight: TALOS-2018-0535 – Ocularis Recorder VMS_VA Denial of Service Vulnerability
Talos is disclosing a denial-of-service vulnerability in the Ocularis Recorder. Ocularis is a video management software (VMS) platform used in a variety of settings, from convenience stores, to city-wide deployments....
Vulnerability Spotlight: MySQL Multi-Master Manager Remote Command Injection Vulnerability
Today, Talos is releasing details of a new vulnerability within MySQL Multi-Master Manager. This is used to perform monitoring, failover and management of MySQL master-master replication configurations.
Vulnerability Spotlight: TALOS-2018-0529-531 – Multiple Vulnerabilities in NASA CFITSIO library
Vulnerabilities discovered by Tyler Bohan from Talos Overview Talos is disclosing three remote code execution vulnerabilities in the NASA CFITSIO library. CFITSIO is a library of C and Fortran subroutines...
Vulnerability Spotlight: Multiple Vulnerabilities in the CPP and Parity Ethereum Client
Talos discloses vulnerabilities in CPP and Parity Ethereum clients: a denial of service vulnerability in libevm, plus a permissive cross-domain (CORS) whitelist policy vulnerability in the Ethereum Parity client.
Vulnerability Spotlight: TALOS-2017-0393 / CVE-2017-2886 – ACDSee Ultimate 10 Remote Code Execution Vulnerability
Overview Talos has discovered a remote code execution vulnerability in the ACDSee Ultimate 10 application from ACD Systems International Inc. Exploiting this vulnerabilities can potentially allow an attacker to gain full control over the victim’s machine. If an attacker builds a specially crafted .PSD (Photoshop) file and the victim opens it with the ACDSee Ultimate […]
Vulnerability Spotlight: TALOS-2017-0311,0319,0321 – Multiple Remote Code Execution Vulnerability in Poppler PDF l …
Vulnerability discovered by Marcin Noga, Lilith Wyatt and Aleksandar Nikolic of Cisco Talos. Overview Talos has discovered multiple vulnerabilities in the freedesktop.org Poppler PDF library. Exploiting these vulnerabilities can allow an attacker to gain full control over the victim’s machine. If an attacker builds a specially crafted PDF document and the victim opens it, the […]
Deep dive in Lexmark Perceptive Document Filters Exploitation
This post authored by Marcin Noga with contributions from Nick Biasini Introduction Talos discovers and releases software vulnerabilities on a regular basis. We don’t always publish a deep technical analysis of how the vulnerability was discovered or its potential impact. This blog will cover these technical aspects including discovery and exploitation. Before we deep dive into […]