CVE-2007-5169

Stack-based buffer overflow in MAIPM6.dll in Adobe PageMaker 7.0.1 and 7.0.2 on Windows allows user-assisted remote attackers to execute arbitrary code via a long font name in a .PMD file.

Publication date: Thu, 11 Oct 2007 15:17:00 +0000

Cyber News related to CVE-2007-5169

CVE-2007-5394 - Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted remote attackers to execute arbitrary code via a .PMD file with a crafted font structure, a different vulnerability than CVE-2007-5169 and ...
5 years ago

CVE-2007-6432 - Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted remote attackers to execute arbitrary code via a malformed .PMD file, related to "Key Strings," a different vulnerability than CVE-2007-5169 ...
5 years ago

CVE-2015-2503 - Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 ...
5 years ago

CVE-2007-5169 - Stack-based buffer overflow in MAIPM6.dll in Adobe PageMaker 7.0.1 and 7.0.2 on Windows allows user-assisted remote attackers to execute arbitrary code via a long font name in a .PMD file. ...
6 years ago

CVE-2017-5169 - An issue was discovered in Hanwha Techwin Smart Security Manager Versions 1.5 and prior. Multiple Cross Site Request Forgery vulnerabilities have been identified. The flaws exist within the Redis and Apache Felix Gogo servers that are installed as ...
2 years ago

CVE-2006-5169 - Cross-site scripting (XSS) vulnerability in John Himmelman (aka DaRk2k1) PowerPortal 1.1 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly related to registering a user. NOTE: the provenance of this ...
15 years ago

CVE-2010-5169 - ** DISPUTED ** Race condition in Online Armor Premium 4.0.0.35 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware ...
11 years ago

CVE-2013-5716 - Gretech GOM Media Player 2.2.53.5169 and possibly earlier allows remote attackers to cause a denial of service (application crash) via a crafted WAV file. ...
10 years ago

CVE-2013-5715 - Buffer overflow in Gretech GOM Media Player before 2.2.53.5169 has unspecified impact and attack vectors. ...
10 years ago

CVE-2013-5169 - CoreGraphics in Apple Mac OS X before 10.9, when display-sleep mode is used, does not ensure that screen locking blocks the visibility of all windows, which allows physically proximate attackers to obtain sensitive information by reading the screen. ...
10 years ago

CVE-2014-5169 - Cross-site scripting (XSS) vulnerability in the Date module before 7.x-2.8 for Drupal allows remote authenticated users with the permission to create a date field to inject arbitrary web script or HTML via the date field title. ...
9 years ago

CVE-2016-5169 - Format string vulnerability in Google Chrome OS before 53.0.2785.103 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. ...
7 years ago

CVE-2012-5169 - Multiple cross-site scripting (XSS) vulnerabilities in file_manager/preview_top.php in ATutor AContent before 1.2-2 allow remote attackers to inject arbitrary web script or HTML via the (1) pathext, (2) popup, (3) framed, or (4) file parameter. ...
6 years ago

CVE-2008-5169 - SQL injection vulnerability in drinks/drink.php in Drinks Complete Website 2.1.0 allows remote attackers to execute arbitrary SQL commands via the drinkid parameter. ...
6 years ago

CVE-2018-5169 - If manipulated hyperlinked text with "chrome:" URL contained in it is dragged and dropped on the "home" icon, the home page can be reset to include a normally-unlinkable chrome page as one of the home page tabs. This vulnerability ...
5 years ago

CVE-2011-5169 - SQL injection vulnerability in sgms/reports/scheduledreports/configure/scheduleProps.jsp in SonicWall ViewPoint 6.0 SP2 allows remote attackers to execute arbitrary SQL commands via the scheduleID parameter. ...
5 years ago

CVE-2015-5169 - Cross-site scripting (XSS) vulnerability in Apache Struts before 2.3.20. ...
5 years ago

CVE-2019-5169 - An exploitable command injection vulnerability exists in the iocheckd service ‘I/O-Check’ function of the WAGO PFC 200 Firmware version 03.02.02(14). A specially crafted XML cache file written to a specific location on the device can be used to ...
4 years ago

CVE-2023-5169 - A compromised content process could have provided malicious data in a `PathRecording` resulting in an out-of-bounds write, leading to a potentially exploitable crash in a privileged process. This vulnerability affects Firefox < 118, Firefox ESR ...
8 months ago

CVE-2024-5169 - The Video Widget WordPress plugin through 1.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is ...
4 days ago

CVE-2013-6078 - The default configuration of EMC RSA BSAFE Toolkits and RSA Data Protection Manager (DPM) 20130918 uses the Dual Elliptic Curve Deterministic Random Bit Generation (Dual_EC_DRBG) algorithm, which makes it easier for context-dependent attackers to ...
10 years ago

CVE-2011-1892 - Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management ...
5 years ago

CVE-2015-0085 - Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold ...
5 years ago

CVE-2016-0012 - Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, ...
5 years ago

CVE-2007-4246 - Unspecified vulnerability, possibly a buffer overflow, in Justsystem Ichitaro 2007 and earlier allows remote attackers to execute arbitrary code via a modified document, as actively exploited in August 2007 by malware such as Tarodrop.D (Tarodrop.Q), ...
6 years ago

Latest Cyber News

India Report Claims Apple Supplier 'Excluded Married Women' - 19 minutes ago
Juniper Releases Out-Of-Cycle Critical Update for Smart Routers - 19 minutes ago
Remote Rigor: Safeguarding Data in the Age of Digital Nomads - 20 minutes ago
30 Best Cyber Security Search Engines - 59 minutes ago
How to protect data at rest and in transit - 1 hour ago
Sony Enters Crypto Exchange Arena with Acquisition of Amber - 1 hour ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 1 hour ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 1 hour ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 1 hour ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 1 hour ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 1 hour ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 1 hour ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 1 hour ago
Police allege 'evil twin' in-flight Wi-Fi used to steal info The Register - 1 hour ago
Water Sigbin Hackers Exploit Oracle WebLogic Vulnerabilities - 2 hours ago
Indonesian government didn't backup ransomwared data The Register - 2 hours ago
Product showcase: Protect digital identities with Swissbit's iShield Key Pro - 2 hours ago
Portainer: Open-source Docker and Kubernetes management - 2 hours ago
Why every company needs a DDoS response plan - 2 hours ago
Microsoft tells more customers their emails have been stolen The Register - 3 hours ago

Cyber Trends (last 7 days)

Okta - 7 months ago
23andMe - 6 months ago
Kimsuky - 7 months ago
LogoFAIL - 6 months ago
Gh0st rat - 7 months ago

Trending Cyber News (last 7 days)

Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 1 hour ago
Remote Rigor: Safeguarding Data in the Age of Digital Nomads - 20 minutes ago
Juniper Releases Out-Of-Cycle Critical Update for Smart Routers - 19 minutes ago
India Report Claims Apple Supplier 'Excluded Married Women' - 19 minutes ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 1 hour ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 1 hour ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 1 hour ago
30 Best Cyber Security Search Engines - 59 minutes ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 1 hour ago
Sony Enters Crypto Exchange Arena with Acquisition of Amber - 1 hour ago
How to protect data at rest and in transit - 1 hour ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 1 hour ago
Police allege 'evil twin' in-flight Wi-Fi used to steal info The Register - 1 hour ago
Cyber Insurance demand fall as businesses bolster their cybersecurity infrastructure - 1 hour ago
CVE-2024-6419 - 7 hours ago
Water Sigbin Hackers Exploit Oracle WebLogic Vulnerabilities - 2 hours ago
Why every company needs a DDoS response plan - 2 hours ago
Portainer: Open-source Docker and Kubernetes management - 2 hours ago
Product showcase: Protect digital identities with Swissbit's iShield Key Pro - 2 hours ago
Indonesian government didn't backup ransomwared data The Register - 2 hours ago