Posted by Jonathan Gregson via Fulldisclosure on Mar 09
Mr. Post is an Outlook add-in used for inspecting emails for threats. Its tagline states “One click to visualize email.
Unveil scam, phishing, ransom and BEC (Business Email Compromise).” The add-in is featured prominently in the Outlook
Add-in store, including those on iOS and Android. It’s possible that users in your org use this add-in. You can find it
in Microsoft AppSource here:…
Multiple vulnerabilities have been discovered in PTC Axeda Agent and Axeda Desktop Server, the most severe of which could allow for remote code execution. PTC Axeda is a cloud based remote access solution commonly used for devices within the healthcare industry. Successful exploitation of these vulnerabilities could result in full system access, remote code execution, read/change configuration, file system read access, log information access, and a denial-of-service condition.
Multiple vulnerabilities have been discovered in Adobe products, the most severe of which could allow for Arbitrary Code Execution.
Illustrator is a vector graphics editor and design program.
Photoshop is a graphics editor.
Adobe After Effects is a digital visual effects, motion graphics, and compositing application.
Successful exploitation of the most severe of these vulnerabilities could allow for arbitrary code execution. Depending on the privileges associated with the user, an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights.
This vulnerability allows local attackers to escalate privileges on affected installations of Bitdefender Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Bitdefender Total Security. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Ecava IntegraXor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ecava IntegraXor. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file.