Home > Knowledge Centre > zero day

CVE-2018-15982- Adobe Flash Player use after free (Zero Day) vulnerability alert!

  • Prashant Tilekar / 7 years
  • 2
  • 2 min read

The recent zero-day vulnerability CVE-2018-15982 in Adobe Flash Player enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSB18-42 on December 5, 2018 to address this issue. According to Adobe, the in-wild exploit is being used in targeted attacks. Vulnerable Versions Adobe Flash Player 31.0.0.153 and earlier […]

CVE-2018-5002 – Adobe Flash Player Stack Buffer Overflow Vulnerability Alert!

  • Sameer Patil / 8 years
  • 0
  • 2 min read

The recent zero-day vulnerability CVE-2018-5002 in Adobe Flash Player enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSB18-19 on June 7, 2018 to address this issue. According to Adobe, the in-wild exploit is being used in limited, targeted attacks and it impacts limited Windows users. Vulnerable […]

CVE-2018-4990 – Adobe Reader Double Free (Zero Day) vulnerability alert!

  • Prashant Kadam / 8 years
  • 0
  • 2 min read

The recent zero-day vulnerability CVE-2018-4990 in Adobe Reader enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSB18-09 on May 14, 2018 to address this issue. According to Adobe, the in-wild attack is targeted and it impacts limited Windows users. Vulnerable versions Acrobat DC 2018.011.20038 and earlier […]

An analysis of an MS office document exploiting a zero-day flash player vulnerability (CVE-2018-4878)

  • Quick Heal Security Labs / 8 years
  • 0
  • 3 min read

Important update! Adobe Systems released a critical security update on 6.02.2017 to fix the vulnerability discussed in this post. We recommend you to apply the update immediately. Summary of the vulnerability CVE-2018-4878 is a use-after-free vulnerability present in Adobe Flash Player 28.0.0.137 and its earlier versions are being exploited in the wild. A successful exploitation […]

CVE-2018-4878 – Adobe Flash Player use after free (Zero Day) vulnerability Alert!

  • Pradeep Kulkarni / 8 years
  • 0
  • 1 min read

The recent zero-day vulnerability CVE-2018-4878 in Adobe Flash Player enables attackers to perform a Remote Code Execution on targeted machines. Adobe has released a security advisory APSA18-01 on February 2, 2018 to address this issue. According to Adobe, the in-wild attack is targeted and it impacts limited Windows users. Vulnerable versions Adobe Flash Player 28.0.0.137 […]

CVE-2017-11826 – Microsoft Office Memory Corruption Vulnerability – an Alert by Quick Heal Security Labs

  • Pradeep Kulkarni / 8 years
  • 0
  • 2 min read

The recent zero-day vulnerability in Microsoft Office vulnerability CVE-2017-11826 enables attackers to perform a Remote Code Execution on targeted machines. According to a recently published blog post, this vulnerability is being exploited in the wild. Microsoft has released a security update on October 10, 2017, to fix this issue. Vulnerable versions The following versions of […]

CVE-2017-8759 | .NET Framework Remote Code Execution Vulnerability – An analysis by Quick Heal Security Labs

  • Pavankumar Chaudhari / 8 years
  • 0
  • 2 min read

The recent zero-day vulnerability in .NET Framework vulnerability CVE-2017-8759 enables attackers to perform a Remote Code Execution on the targeted machine. This vulnerability is found to be exploited in the wild through email spam messages loaded with malicious RTF files as an attachment. Microsoft has released a security update on September 12, 2017, to fix […]

CVE-2017-0199 – Microsoft Office/WordPad Remote Code Execution Vulnerability w/Windows API

  • Pradeep Kulkarni / 9 years
  • 0
  • 2 min read

The newly discovered zero-day vulnerability (CVE-2017-0199) in Microsoft Office/WordPad is being actively exploited in the wild. Almost all Microsoft Office versions are affected with this bug. To fix this vulnerability, Microsoft released a security update on April 11, 2017. Vulnerable Versions According to Microsoft, the following are the affected products (past support life cycle products […]

CVE-2017-5638 – Apache Struts 2 Remote Code Execution Vulnerability

  • Pradeep Kulkarni / 9 years
  • 0
  • 2 min read

The well-known open source web application framework Apache Struts 2 is being actively exploited in the wild allowing hackers to launch a remote code execution attack.  To address this issue, Apache has issued a security advisory and CVE-2017-5638 has been assigned to it. The zero-day bug has been rated with the highest severity rating ‘High’. […]

Zero-day Vulnerability Hits Microsoft Office – Temporary Patch Available

  • Sakshat Karkare / 12 years
  • 2
  • 3 min read

Microsoft has issued a new security advisory against an exploit that hackers are using to target a zero-day vulnerability in Microsoft Office. A temporary ‘Fix It’ tool has been released by the company; a permanent fix is yet to be rolled out. A pre-existing vulnerability in some versions of Microsoft office has raised fresh concerns […]