ZDI-23-339: Schneider Electric IGSS IGSSdataServer Exposed Dangerous Function Remote Code Execution Vulnerability

March 16, 2023

Read Time:7 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability.

Advisories

ZDI-23-340: Schneider Electric IGSSdataServer Exposed Dangerous Function Data Deletion Vulnerability

March 16, 2023

Read Time:8 Second

This vulnerability allows remote attackers to delete application-level data on affected installations of Schneider Electric IGSS. Authentication is not required to exploit this vulnerability.

Advisories

ZDI-23-341: Schneider Electric IGSS openReport Improper Input Validation Remote Code Execution Vulnerability

March 16, 2023

Read Time:12 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Schneider Electric IGSS. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Advisories

ZDI-23-246: Adobe Illustrator Font Parsing Memory Corruption Remote Code Execution Vulnerability

March 16, 2023

Read Time:11 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Advisories

ZDI-23-247: Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

March 16, 2023

Read Time:11 Second

Advisories

ZDI-23-248: Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

March 16, 2023

Read Time:11 Second

Advisories

ZDI-23-249: Adobe Illustrator Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

March 16, 2023

Read Time:11 Second

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Adobe Illustrator. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Advisories

ZDI-23-250: Adobe Substance 3D Stager USDC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

March 16, 2023

Read Time:12 Second

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Substance 3D Stager. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.

Advisories

ZDI-23-251: Adobe Substance 3D Stager FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

March 16, 2023

Read Time:12 Second

Advisories

ZDI-23-252: Adobe Substance 3D Stager OBJ File Parsing Memory Corruption Remote Code Execution Vulnerability

March 16, 2023

Read Time:12 Second

Cyber Security News

Daily Archives: March 16, 2023

ZDI-23-339: Schneider Electric IGSS IGSSdataServer Exposed Dangerous Function Remote Code Execution Vulnerability

ZDI-23-340: Schneider Electric IGSSdataServer Exposed Dangerous Function Data Deletion Vulnerability

ZDI-23-341: Schneider Electric IGSS openReport Improper Input Validation Remote Code Execution Vulnerability

ZDI-23-246: Adobe Illustrator Font Parsing Memory Corruption Remote Code Execution Vulnerability

ZDI-23-247: Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

ZDI-23-248: Adobe Illustrator Font Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability

ZDI-23-249: Adobe Illustrator Font Parsing Out-Of-Bounds Read Information Disclosure Vulnerability

ZDI-23-250: Adobe Substance 3D Stager USDC File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability

ZDI-23-251: Adobe Substance 3D Stager FBX File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

ZDI-23-252: Adobe Substance 3D Stager OBJ File Parsing Memory Corruption Remote Code Execution Vulnerability

News, Advisories and much more