Research and Vulnerabilities

  • Wednesday, Oct 13, 2021
Singel-post cover image

Since Microsoft published a new RCE vulnerability in Microsoft Windows Media Foundation discovered by us, we would also like to share full list of vulnerabilities we have discovered.

Vulnerabilities discovered by IstroSec

Name Product ID Severity  Date
Microsoft Windows Media Foundation RCE Microsoft Media Foundation CVE-2021-41330  Critical 9/2021
JPG2000 File Parsing Heap-based Buffer Overflow (RCE)  Foxit Reader CVE-2021-34971 High 9/2021
Read Access Violation near null Foxit Reader / Low 8/2021
PDF File Parsing Use-After-Free Information Disclosure Foxit Reader CVE-2021-34976 Low 8/2021
Read Access Violation near null Foxit Reader / Low 7/2021
Cross-site Scripting exacqVision Web Service CVE-2021-27659 Medium 3/2021
Cross-site Scripting exacqVision Enterprise Manager  CVE-2021-27658 Medium 3/2021
Information Exposure exacqVision Web Service CVE-2021-27656 High 3/2021
Untrusted search path vulnerability Adobe Flash Player CVE-2016-4116 High 5/2016
Untrusted search path vulnerability Adobe Reader and Acrobat CVE-2016-1090 High 5/2016

References:

https://www.istrosec.com/about/research-and-vulnerabilities/