Dave Weinstein

Pesquisador deHP Zero Day Initiative
#8996de 53,635
30.4CVSS total
Vulnerabilidades · 4
Média
3
Alta
1
PT-2015-7422
6.8
2015-09-02
Microsoft · Office Word · CVE-2015-6948
**Name of the Vulnerable Software and Affected Versions** Corel WordPerfect (affected versions not specified) **Description** A heap-based buffer overflow issue exists in the Microsoft Word document conversion feature of Corel WordPerfect. This allows remote attackers to execute arbitrary code via a crafted document. There have been reports of this issue being exploited as a 0-day vulnerability, indicating it has been used in real-world attacks before a patch was available. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2015-1227
10
2015-05-12
Adobe · Acrobat Reader · CVE-2015-3069
**Name of the Vulnerable Software and Affected Versions** Adobe Acrobat Reader (affected versions not specified) **Description** The issue arises from the interaction with the JavaScript API, potentially allowing a remote attacker to bypass current access restriction rules. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2015-5602
6.8
2015-02-27
Webgate · Webgate Edvr Manager · CVE-2015-2095
**Name of the Vulnerable Software and Affected Versions** WebGate eDVR Manager (affected versions not specified) **Description** The issue is related to a heap-based buffer overflow in the SetConnectInfo function within the WESPPTZ.WESPPTZCtrl.1 ActiveX control. This allows remote attackers to execute arbitrary code via crafted arguments. There is no information provided about the estimated number of potentially affected devices or real-world incidents where this issue was exploited. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.
PT-2015-5603
6.8
2015-02-27
Webgate · Webgate Edvr Manager · CVE-2015-2096
**Name of the Vulnerable Software and Affected Versions** WebGate eDVR Manager (affected versions not specified) **Description** The issue is related to a use-after-free vulnerability in the Connect function of the WESPMonitor.WESPMonitorCtrl.1 ActiveX control. This vulnerability allows remote attackers to execute arbitrary code via an invalid IP address and a page reload. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.