Research and Vulnerabilities

  • Wednesday, Oct 13, 2021

Since Microsoft published a new RCE vulnerability in Microsoft Windows Media Foundation discovered by us, we would also like to share full list of vulnerabilities we have discovered.

Vulnerabilities discovered by IstroSec

Name Product ID Severity  Date
Microsoft Windows Media Foundation RCE  Microsoft Media Foundation CVE-2021-41330  Critical 9/2021
Heap-based Buffer Overflow (RCE) Foxit Reader ZDI-CAN-14812 High 9/2021
Read Access Violation near null Foxit Reader / Low 8/2021
Out-of-bounds Read Foxit Reader ZDI-CAN-14659 Low 8/2021
Read Access Violation near null Foxit Reader / Low 7/2021
Cross-site Scripting exacqVision Web Service CVE-2021-27659 Medium 3/2021
Cross-site Scripting exacqVision Enterprise Manager  CVE-2021-27658 Medium 3/2021
Information Exposure exacqVision Web Service CVE-2021-27656 High 3/2021
Untrusted search path vulnerability Adobe Flash Player CVE-2016-4116 High 5/2016
Untrusted search path vulnerability Adobe Reader and Acrobat CVE-2016-1090 High 5/2016