>> ARCHIVE: 2019-08

ManageEngine opManager version 12.3.150 suffers from an authenticated code execution vulnerability.

This Metasploit module exploits a command injection vulnerability in the Tesla Agent botnet panel.

Adobe Acrobat CoolType (AFDKO) suffers from a memory corruption vulnerability in the handling of Type 1 font load/store operators.

Adobe Acrobat CoolType (AFDKO) performs a call from uninitialized memory due to an empty FDArray in Type 1 fonts.

The Microsoft Font Subsetting DLL (fontsub.dll) is a default Windows helper library for subsetting TTF fonts. It has an issue where it returns a dangling pointer via MergeFontPackage.

Microsoft Font Subsetting DLL suffers from a heap-based out-of-bounds read vulnerability in GetGlyphIdx.

Microsoft Font Subsetting DLL suffers from a double free vulnerability in MergeFormat12Cmap / MakeFormat12MergedGlyphList.

Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in FixSbitSubTables.

Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in ReadTableIntoStructure.

Microsoft Font Subsetting DLL suffers from a heap corruption vulnerability in ReadAllocFormat12CharGlyphMapList.