Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2022-35670PUBLISHED: 2022-08-11
Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Expl...
CVE-2022-35671PUBLISHED: 2022-08-11
Adobe Acrobat Reader versions 22.001.20169 (and earlier), 20.005.30362 (and earlier) and 17.012.30249 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR....
CVE-2022-35673PUBLISHED: 2022-08-11
Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute ...
CVE-2022-35674PUBLISHED: 2022-08-11
Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute ...
CVE-2022-35675PUBLISHED: 2022-08-11
Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a mal...
User Rank: Strategist
6/20/2014 | 4:43:19 PM
The ECPA has been criticized for failing to protect all communications and consumer records, mainly because the law is so outdated and out of touch with how people share, store, and use information nowadays. For instance, under the ECPA it is relatively easy for a government agency to demand that service providers hand over personal consumer data that has been stored on their servers.
For instance, email that is stored on a third party's server for more than 180 days is considered by the law to be abandoned (amazing), and all that is required to obtain the content of the emails by a law enforcement agency, is a written statement certifying that the information is relevant to an investigation, without judical review. Yet in a patent lawsuit ever piece of electronic communication in your posession including archived backups can be frozen by subpoena and subject to future review for applicibility to the case.
Obviously, the ECPA needs a major overhaul. Just imagine the furor that will be created as every congressman, agency, and lobbyist jockey to put their 2-cents in. And of course any new law will the ultimately play out in the courts as there will be challenges and counter challenges as we have seen with current ECPA.