CVSS: 5.0EPSS: 10%CPEs: 85EXPL: 2CVE-2009-3431 – Adobe Acrobat 9.1.3 - Stack Exhaustion Denial of Service
https://notcve.org/view.php?id=CVE-2009-3431
Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1.2, 9.1.1, and earlier 9.x versions; 8.1.6 and earlier 8.x versions; and possibly 7.1.4 and earlier 7.x versions allows remote attackers to cause a denial of service (application crash) via a PDF file with a large number of [ (open square bracket) characters in the argument to the alert method. NOTE: some of these details are obtained from third party information. Una vulnerabilidad de consumo de pila en Reader y Acrobat de Adobe versiones 9.1.3, 9.1.2, 9.1.1 y anteriores a versiones 9.x; versiones 8.1.6 y anteriores a versiones 8.x ; y posiblemente versiones 7.1.4 y anteriores a versiones 7.x, permite a los atacantes remotos causar una denegación de servicio (bloqueo de aplicación) por medio de un archivo PDF con un gran número de caracteres [ (corchete abierto) en el argumento al método de alerta. NOTA: algunos de estos datos fueron obtenidos de la información de terceros. • https://www.exploit-db.com/exploits/33017 http://securitytracker.com/id?1023007 http://www.adobe.com/support/security/bulletins/apsb09-15.html http://www.securityfocus.com/bid/35148 http://www.us-cert.gov/cas/techalerts/TA09-286B.html http://www.vupen.com/english/advisories/2009/2898 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6532 https://access.redhat.com/security/cve/CVE-2009-3431 https://bugzilla.redhat.com/show_bug.cgi?id=528665 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 19%CPEs: 83EXPL: 0CVE-2009-1861 – acroread: multiple security fixes in version 8.1.6 (APSB09-07)
https://notcve.org/view.php?id=CVE-2009-1861
Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file with a JPX (aka JPEG2000) stream that triggers heap memory corruption. Múltiples desbordamientos de búfer basados en memoria dinámica en Adobe Reader v7 y Acrobat v7 anteriores a v7.1.3, Adobe Reader v8 y Acrobat v8 anteriores a v8.1.6, y Adobe Reader v9 y Acrobat v9 anteriores a v9.1.2, podría permitir a atacantes remotos ejecutar código arbitrario o producir una denegación de servicio (caída de aplicación) a través de un fichero PDF con un stream JPX (también conocido como JPEG2000) que inicia la corrupción de la memoria dinámica. • http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/34580 http://secunia.com/advisories/35496 http://secunia.com/advisories/35655 http://secunia.com/advisories/35685 http://secunia.com/advisories/35734 http://security.gentoo.org/glsa/glsa-200907-06.xml http://securitytracker.com/id?1022361 http://www.adobe.com/support/security/bulletins/apsb09-07.html http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 46%CPEs: 83EXPL: 0CVE-2009-0510 – acroread: multiple security fixes in version 8.1.6 (APSB09-07)
https://notcve.org/view.php?id=CVE-2009-0510
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-0511, CVE-2009-0512, CVE-2009-0888, and CVE-2009-0889. Desbordamiento de búfer basado en memoria dinámica en el filtro JBIG2 en Adobe Reader v7 y Acrobat v7 anteriores a v7.1.3, Adobe Reader 8 y Acrobat v8 anteriores a v8.1.6, y Adobe Reader v9 y Acrobat v9 anteriores a v9.1.2 podría permitir a atacantes remotos ejecutar código de su elección a través de vectores no especificados, es una vulnerabilidad dsitinta a CVE-2009-0511, CVE-2009-0512, CVE-2009-0888, and CVE-2009-0889. • http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/34580 http://secunia.com/advisories/35496 http://secunia.com/advisories/35655 http://secunia.com/advisories/35685 http://secunia.com/advisories/35734 http://security.gentoo.org/glsa/glsa-200907-06.xml http://securitytracker.com/id?1022361 http://www.adobe.com/support/security/bulletins/apsb09-07.html http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 34%CPEs: 83EXPL: 0CVE-2009-0888 – acroread: multiple security fixes in version 8.1.6 (APSB09-07)
https://notcve.org/view.php?id=CVE-2009-0888
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, and CVE-2009-0889. Desbordamiento de búfer basado en memoria dinámica en el filtro JBIG2 en Adobe Reader v7 y Acrobat v7 anteriores a v7.1.3, Adobe Reader 8 y Acrobat v8 anteriores a v8.1.6, y Adobe Reader v9 y Acrobat v9 anteriores a v9.1.2 podría permitir a atacantes remotos ejecutar código de su elección a través de vectores no especificados, es una vulnerabilidad dsitinta a CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, y CVE-2009-0889. • http://secunia.com/advisories/34580 http://secunia.com/advisories/35496 http://secunia.com/advisories/35734 http://security.gentoo.org/glsa/glsa-200907-06.xml http://securitytracker.com/id?1022361 http://www.adobe.com/support/security/bulletins/apsb09-07.html http://www.redhat.com/support/errata/RHSA-2009-1109.html http://www.securityfocus.com/bid/35274 http://www.us-cert.gov/cas/techalerts/TA09-161A.html http://www.vupen.com/english/advisories/2009/1547 https://ac • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 34%CPEs: 83EXPL: 0CVE-2009-0889 – acroread: multiple security fixes in version 8.1.6 (APSB09-07)
https://notcve.org/view.php?id=CVE-2009-0889
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, and CVE-2009-0888. Desbordamiento de búfer basado en memoria dinámica (heap) en el filtro JBIG2 en adobe acrobat 7 reader 7 anterior a v7.1.3, Adobe Reader 8 y Acrobat 8 anterior a v8.1.6, y Adobe Reader 9 y Acrobat 9 anterior v9.1.2, permite a atacantes remotos ejecutar código de su elección a través de vectores no especificados. Vulnerabilidad distinta de CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, y CVE-2009-0888. • http://secunia.com/advisories/34580 http://secunia.com/advisories/35496 http://secunia.com/advisories/35734 http://security.gentoo.org/glsa/glsa-200907-06.xml http://securitytracker.com/id?1022361 http://www.adobe.com/support/security/bulletins/apsb09-07.html http://www.redhat.com/support/errata/RHSA-2009-1109.html http://www.securityfocus.com/bid/35274 http://www.us-cert.gov/cas/techalerts/TA09-161A.html http://www.vupen.com/english/advisories/2009/1547 https://ac • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •