Talos has discovered multiple vulnerabilities in Iceni Argus PDF content extraction product. Exploiting these vulnerabilities can allow an attacker to gain full control over the victim's machine. Although the main product is deprecated by Iceni, the library is still supported. Iceni has released a patched version that addresses these vulnerabilities. Nevertheless, the library is widely used; MarkLogic is an example of a product that uses Iceni Argus for PDF document conversion as part of their web based document search and rendering.
«Read more»
Tags:
Cisco Systems Inc. published this content on 27 February 2017 and is solely responsible for the information contained herein. Distributed by Public, unedited and unaltered, on 27 February 2017 18:22:07 UTC.
Original documenthttp://blogs.cisco.com/security/talos/vulnerability-spotlight-multiple-remote-code-execution-vulnerabilities-in-iceni-argus-pdf-content-extraction-affect-marklogic
Public permalinkhttp://www.publicnow.com/view/3A6D85F70DAF48AC6B31F023E24FB2DB7A7CDD24
Cisco Systems, Inc. is the world leader in designing, developing, and marketing Internet network equipment. Net sales break down by family of products and services as follows:
- network equipment (68.9%); switches and routers, technological software and systems (storage, Internet access, and security systems, wiring, gateways, connection interfaces and modules, etc.), etc.;
- services (24.3%): technical assistance, network design, execution, and integration services, etc.;
- security products (6.8%).
Net sales are distributed geographically as follows: Americas (58.7%), Europe/Middle East/Africa (26.6%) and Asia/Pacific (14.7%).