Research and Vulnerabilities

IstroSec conducts research and discovers new vulnerabilities to improve the security of third-party applications used around the world.

CVE vulnerabilities discovered by IstroSec

Name Product ID Severity Date
VP9 Video Extensions Remote Code Execution Vulnerability Microsoft VP9 Codec CVE-2022-24501 Critical 3/2022
Microsoft Windows Media Foundation RCE Microsoft Media Foundation CVE-2021-41330 Critical 9/2021
JPG2000 File Parsing Heap-based Buffer Overflow (RCE) Foxit PDF Reader / Editor CVE-2021-34971 High 9/2021
PDF File Parsing Use-After-Free Information Disclosure Foxit PDF Reader / Editor CVE-2021-34976 Low 8/2021
Cross-site Scripting exacqVision Web Service CVE-2021-27659 Medium 3/2021
Cross-site Scripting exacqVision Enterprise Manager CVE-2021-27658 Medium 3/2021
Information Exposure exacqVision Web Service CVE-2021-27656 High 3/2021

Other vulnerabilities discovered by IstroSec

Name Product Severity Date
Read Access Violation near null Foxit PDF Reader / Editor Low 5/2022
Stored XSS ASUS / 1/2022
Read Access Violation near null Foxit PDF Reader / Editor Low 12/2021
Read Access Violation near null Foxit PDF Reader / Editor Low 12/2021
Read Access Violation near null Foxit PDF Reader / Editor Low 8/2021
Read Access Violation near null Foxit PDF Reader / Editor Low 7/2021