Vulnerability Spotlight: Adobe Acrobat Reader remote code execution
Aleksandar Nikolic of Cisco Talos discovered these vulnerabilities. Executive summary There is a remote code execution vulnerability in Adobe Acrobat Reader that could occur if a user were to open a malicious PDF on their machine using the software. Acrobat is the most widely
Vulnerability Spotlight: Multiple vulnerabilities in GOG Galaxy Games
Richard Johnson and Tyler Bohan of Cisco Talos discovered these vulnerabilities. Executive summary The GOG Galaxy video game launcher contains multiple vulnerabilities that could allow a malicious actor to carry out a variety of attacks. GOG Galaxy Games is a video game storef
Vulnerability Spotlight: Privilege escalation bug in CleanMyMac X's helper service
Tyler Bohan of Cisco Talos discovered this vulnerability. Executive summary CleanMyMac X contains a privilege escalation vulnerability in its helper service due to improper updating. The application fails to remove the vulnerable components upon upgrading to the latest version
Vulnerability Spotlight: Multiple local vulnerabilities in Pixar Renderman
Tyler Bohan of Cisco Talos discovered these vulnerabilities. Executive summary The MacOS version of Pixar Renderman contains three local vulnerabilities in its install helper tool. An attacker could exploit these bugs to escalate their privileges to root. Renderman is a rende
Vulnerability Spotlight: Remote code execution vulnerability in Antenna House Rainbow PDF Office Server Document Converter
Emmanuel Tacheau of Cisco Talos discovered this vulnerability. Executive summary Antenna House Rainbow PDF Office Server Document Converter contains a heap overflow vulnerability that could allow an attacker to remotely execute code on the victim machine. Rainbow PDF is a soft
Vulnerability Spotlight: Multiple vulnerabilities in ACD Systems Canvas Draw 5
Tyler Bohan of Cisco Talos discovered these vulnerabilities. Vanja Svajcer authored this blog post. Cisco Talos is disclosing several vulnerabilities in ACD Systems' Canvas Draw 5, a graphics-editing tool for Mac. The vulnerable component of Canvas Draw 5 lies in the handlin
Vulnerability Spotlight: Multiple vulnerabilities in coTURN
Nicolas Edet of Cisco discovered these vulnerabilities. Executive summary Today, Cisco Talos is disclosing three vulnerabilities in coTURN. coTURN is an open-source implementation of TURN and STUN servers that can be used as a general-purpose networking traffic TURN server. TU
Vulnerability Spotlight: Python.org certificate parsing denial-of-service
Colin Read and Nicolas Edet of Cisco Talos discovered these vulnerabilities. Executive summary Python.org contains an exploitable denial-of-service vulnerability in its X509 certificate parser. A specially crafted X509 certificate can cause a NULL pointer dereference, resultin
Vulnerability Spotlight: Multiple WIBU SYSTEMS WubiKey vulnerabilities
Marcin "Icewall" Noga of Cisco Talos discovered these vulnerabilities. Executive Summary Cisco Talos discovered two vulnerabilities that could allow remote code execution and memory disclosure at the kernel level in WIBU-SYSTEMS WibuKey. WibuKey is a USB key designed