Page 100 of 550 results (0.052 seconds)

CVSS: 9.3EPSS: 5%CPEs: 40EXPL: 0

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0197, CVE-2010-0201, and CVE-2010-0204. Adobe Reader y Acrobat v9.x anterior v9.3.2, y v8.x anterior v8.2.2 en Windows y Mac OS X, permite a atacantes causar una denegación de servicio (caída de aplicación) o ejecutar código de su elección a través de vectores no especificados, una vulnerabilidad diferente que CVE-2010-0197, CVE-2010-0201, y CVE-2010-0204. • http://www.adobe.com/support/security/bulletins/apsb10-09.html http://www.securityfocus.com/bid/39329 http://www.us-cert.gov/cas/techalerts/TA10-103C.html http://www.vupen.com/english/advisories/2010/0873 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6823 https://access.redhat.com/security/cve/CVE-2010-0194 https://bugzilla.redhat.com/show_bug.cgi?id=581417 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 8%CPEs: 40EXPL: 0

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, do not properly handle fonts, which allows attackers to execute arbitrary code via unspecified vectors. Adobe Reader y Acrobat v9.x anterior v9.3.2, y v8.x anterior v8.2.2 en Windows y Mac OS X, no maneja adecuadamente fuentes, lo que permite a atacantes ejecutar código de su elección a través de vectores no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe's Acrobat Reader. User interaction is required in that the victim must be coerced into opening a malicious document or visiting a malicious URL. The specific flaw exists within the parsing of embedded fonts inside a PDF document. Upon parsing particular tables out of a font file the application will miscalculate an index used for seeking into a buffer. • http://www.adobe.com/support/security/bulletins/apsb10-09.html http://www.securityfocus.com/bid/39329 http://www.us-cert.gov/cas/techalerts/TA10-103C.html http://www.vupen.com/english/advisories/2010/0873 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7420 https://access.redhat.com/security/cve/CVE-2010-0195 https://bugzilla.redhat.com/show_bug.cgi?id=581417 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 27%CPEs: 16EXPL: 4

Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. Vulnerabilidad no específica en Adobe Reader y Acrobat v8.x anteriores a v8.2.1 y v9.x anteriores v9.3.1, permite a atacantes provocar una denegación de servicio (caidas de aplicación) o posiblemente ejecutar código de su elección a través de vectores no especificados. Unspecified vulnerability in Adobe Reader and Acrobat allows attackers to cause a denial of service or possibly execute arbitrary code. • https://www.exploit-db.com/exploits/21869 https://www.exploit-db.com/exploits/21868 https://www.exploit-db.com/exploits/16670 https://www.exploit-db.com/exploits/11787 http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html http://secunia.com/advisories/38639 http://secunia.com/advisories/38915 http://securitytracker.com/id?1023601 http://www.adobe.com/support/security/bulletins/apsb10-07.html http://www.redhat.com/support/errata/RHSA-2010-0114.html http: • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 6.8EPSS: 2%CPEs: 84EXPL: 0

Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2, Adobe AIR before 1.5.3.9130, and Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors. Vulnerabilidad de tipo cross-domain en Adobe Flash Player anterior a versión 10.0.45.2, Adobe AIR anterior a 1.5.3.9130 y Adobe Reader y Acrobat 8.x anterior al 8.2.1 y 9.x anterior al 9.3.1 permite a los atacantes remotos omitir las restricciones de sandbox previstas y hacer peticiones de tipo cross-domain por medio de vectores no específicos. • http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html http://secunia.com/advisories/38547 http://secunia.com/advisories/38639 http://secunia.com/advisories/38915 http://secunia.com/advisories/40220 http://secunia.com/advisories/43026 http://security.gentoo.org/glsa/glsa-201101-09.xml http://securitytracker.com/id?1023585 http://support.apple.com/kb/HT4188 http://www.adobe.com/sup •

CVSS: 5.0EPSS: 1%CPEs: 102EXPL: 0

Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors. Adobe Reader y Acrobat v9.x anterior a v9.3, y 8.x anterior a v8.2, sobre Windows y Mac OS X, podría permitir a atacantes provocar una denegación de servicio (deferencia a puntero NULL) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html http://www.adobe.com/support/security/bulletins/apsb10-02.html http://www.securityfocus.com/bid/37760 http://www.securitytracker.com/id?1023446 http://www.us-cert.gov/cas/techalerts/TA10-013A.html http://www.vupen.com/english/advisories/2010/0103 https://exchange.xforce.ibmcloud.com/vulnerabilities/55555 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7975 •