Adobe Acrobat Reader OCG Heap-based Buffer Overflow : CVE-2018-4910

A heap overflow vulnerability was discovered in Adobe Acrobat Pro DC. The issue occurs due to improper handling of OCG content. Upon successful exploitation an attacker can corrupt memory,control-flow hijack. CVE-2018-4910 has been assigned to track this vulnerability.The issue affects Adobe Acrobat Pro DC 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions Vulnerability … Continue reading “Adobe Acrobat Reader OCG Heap-based Buffer Overflow : CVE-2018-4910”

CouchDB Remote Code Execution Vulnerability

CouchDB is an open source non-SQL database designed for easy data replication. It uses Couch replication protocol to implement its replication functionality. CouchDB is implemented in Erlang. Two vulnerabilities CVE-2017-12635, CVE-2017-12636 were reported in CouchDB, they can exploited by attackers to achieve remote code execution with admin privileges. CVE-2017-12635: Elevation of privilege The vulnerability allows non-admin users … Continue reading “CouchDB Remote Code Execution Vulnerability”