CVSS: 10.0EPSS: 90%CPEs: 15EXPL: 2CVE-2013-2729 – Adobe Reader and Acrobat Arbitrary Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2013-2729
Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2727. Desbordamiento de entero en Adobe Reader y Acrobat v9.x anterior a v9.5.5, v10.x anterior a v10.1.7, y v11.x anterior a v11.0.03 permite a atacantes remotos ejecutar código arbitrario mediante vectores desconocidos, una vulnerabilidad diferente a CVE-2013-2727. Adobe Reader X version 10.1.4.38 suffers from a BMP/RLE heap corruption vulnerability. Integer overflow vulnerability in Adobe Reader and Acrobat allows attackers to execute remote code. • https://www.exploit-db.com/exploits/26703 https://github.com/feliam/CVE-2013-2729 http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html http://rhn.redhat.com/errata/RHSA-2013-0826.html http://security.gentoo.org/glsa/glsa-201308-03.xml http://www.adobe.com/support/security/bulletins/apsb13-15.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16717 https://access.redhat.com/security/cve/CVE-2013-2729 https://bugzilla&# • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.3EPSS: 3%CPEs: 79EXPL: 0CVE-2012-4363
https://notcve.org/view.php?id=CVE-2012-4363
Multiple unspecified vulnerabilities in Adobe Reader through 10.1.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, related to "sixteen more crashes affecting Windows, OS X, or both systems." Múltiples vulnerabilidades no especificadas en Adobe Reader through v10.1.4 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de un documento PDF manipulado, relacionado con "dieciséis incidentes más que afectan a Windows, OS X o ambos sistemas". • http://gynvael.coldwind.pl/?id=483 http://j00ru.vexillium.org/?p=1175 http://security.gentoo.org/glsa/glsa-201308-03.xml http://vexillium.org/dl.php?ar_callstack.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/78587 •
CVSS: 9.8EPSS: 62%CPEs: 14EXPL: 0CVE-2011-4373 – Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-4373
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372. Adobe Reader y Adobe Acrobat antes de v9.5, y v10.x antes de v10.1.2, en Windows y Mac OS X permite a los atacantes ejecutar código de su elección o causar una denegación de servicio (por corrupción de memoria) a través de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2011-4370 y CVE-2011-4372. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within 2d.x3d, which is Adobe Reader's code responsible for processing BMP files. • http://www.adobe.com/support/security/bulletins/apsb12-01.html http://www.securityfocus.com/bid/51350 http://www.securitytracker.com/id?1026496 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14615 https://access.redhat.com/security/cve/CVE-2011-4373 https://bugzilla.redhat.com/show_bug.cgi?id=810397 • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 2%CPEs: 14EXPL: 0CVE-2011-4371 – acroread: multiple unspecified flaws (APSB12-08, APSB12-01)
https://notcve.org/view.php?id=CVE-2011-4371
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. Adobe Reader y Adobe Acrobat antes de v9.5, y v10.x antes de v10.1.2 bajo Windows y Mac OS X permiten a los atacantes ejecutar código de su elección o causar una denegación de servicio (por corrupción de memoria dinámica) a través de vectores no especificados. • http://www.adobe.com/support/security/bulletins/apsb12-01.html http://www.securityfocus.com/bid/51351 http://www.securitytracker.com/id?1026496 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14809 https://access.redhat.com/security/cve/CVE-2011-4371 https://bugzilla.redhat.com/show_bug.cgi?id=810397 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 2%CPEs: 14EXPL: 0CVE-2011-4372 – acroread: multiple unspecified flaws (APSB12-08, APSB12-01)
https://notcve.org/view.php?id=CVE-2011-4372
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373. Adobe Reader y Adobe Acrobat antes de v9.5, y v10.x antes de v10.1.2, bajo Windows y Mac OS X permiten a los atacantes ejecutar código de su elección o causar una denegación de servicio (por corrupción de memoria) a través de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2011-4370 y CVE-2011-4373. • http://www.adobe.com/support/security/bulletins/apsb12-01.html http://www.securityfocus.com/bid/51349 http://www.securitytracker.com/id?1026496 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14857 https://access.redhat.com/security/cve/CVE-2011-4372 https://bugzilla.redhat.com/show_bug.cgi?id=810397 • CWE-787: Out-of-bounds Write •