Page 109 of 585 results (0.059 seconds)

CVSS: 9.3EPSS: 83%CPEs: 164EXPL: 0

Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, as exploited in the wild in September 2010. Vulnerabilidad sin especificar en Adobe Flash Player v10.1.82.76 y anteriores para Windows, Macintosh, Linux, Solaris; Flash Player v10.1.92.10 para Android; Reader v9.3.4 para Windows, Macintosh and UNIX; y Acrobat v9.3.4 y anteriores para Windows y Macintosh permite a los atacantes remotos causar una denegación de servicio (caída) y ejecutar código a su elección a través de vectores desconocidos, se explota activamente desde Septiembre de 2010. • http://lists.apple.com/archives/security-announce/2010//Nov/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://secunia.com/advisories/41434 http://secunia.com/advisories/41435 http://secunia.com/advisories/41443 http://secunia.com/advisories/41526 http://secunia.com/advisories/43025 http://secunia.com/advisories/43026 http://security.gentoo.org/glsa/glsa-201101-08. •

CVSS: 5.0EPSS: 1%CPEs: 102EXPL: 0

Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors. Adobe Reader y Acrobat v9.x anterior a v9.3, y 8.x anterior a v8.2, sobre Windows y Mac OS X, podría permitir a atacantes provocar una denegación de servicio (deferencia a puntero NULL) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html http://www.adobe.com/support/security/bulletins/apsb10-02.html http://www.securityfocus.com/bid/37760 http://www.securitytracker.com/id?1023446 http://www.us-cert.gov/cas/techalerts/TA10-013A.html http://www.vupen.com/english/advisories/2010/0103 https://exchange.xforce.ibmcloud.com/vulnerabilities/55555 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7975 •

CVSS: 10.0EPSS: 89%CPEs: 102EXPL: 1

Multiple stack-based buffer overflows in the NOS Microsystems getPlus Helper ActiveX control before 1.6.2.49 in gp.ocx in the Download Manager in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow remote attackers to execute arbitrary code via unspecified initialization parameters. Desbordamiento de búfer en el Download Manager en Adobe Reader y Acrobat v9.x anterior a v9.3, y 8.x anterior a v8.2, sobre Windows y Mac OS X, podría permitir a atacantes ejecutar código de su elección a través de vectores no especificados. • https://www.exploit-db.com/exploits/11172 http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html http://www.adobe.com/support/security/bulletins/apsb10-02.html http://www.kb.cert.org/vuls/id/773545 http://www.securityfocus.com/bid/37759 http://www.securitytracker.com/id?1023446 http://www.us-cert.gov/cas/techalerts/TA10-013A.html http://www.vupen.com/english/advisories/2010/0103 https://exchange.xforce.ibmcloud.com/vulnerabilities/55556 https://oval.ci • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 2%CPEs: 102EXPL: 0

The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to execute arbitrary code via unspecified vectors, related to a "DLL-loading vulnerability." La implementación 3D en Adobe Reader y Acrobat v9.x anterior a v9.3, y v8.x anterior a v8.2 sobre Windows y Mac OS X, podría permitir a atacantes ejecutar código de su elección a través de vectores no especificados, relacionados con un "vulnerabilidad de carga DLL". • http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html http://secunia.com/advisories/38138 http://secunia.com/advisories/38215 http://www.adobe.com/support/security/bulletins/apsb10-02.html http://www.redhat.com/support/errata/RHSA-2010-0060.html http://www.securityfocus.com/bid/37761 http://www.securitytracker.com/id?1023446 http://www.us-cert.gov/cas/techalerts/TA10-013A.html http://www.vupen.com/english/advisories/2010/0103 https://bugzilla.redhat.com&# • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 10.0EPSS: 3%CPEs: 102EXPL: 0

The default configuration of Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, does not enable the Enhanced Security feature, which has unspecified impact and attack vectors, related to a "script injection vulnerability," as demonstrated by Acrobat Forms Data Format (FDF) behavior that allows cross-site scripting (XSS) by user-assisted remote attackers. La configuración por defecto en Adobe Reader y Acrobat v9.x anterior a v9.3, y 8.x anterior a v8.2, sobre Windows y Mac OS X, no soporta adecuadamente la funcionalidad Enhanced Security, que tiene un impacto y vectores de ataque desconocidos relacionados con "una vulnerabilidad de inyección de secuencias de comandos". • http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html http://secunia.com/advisories/38138 http://secunia.com/advisories/38215 http://www.adobe.com/support/security/bulletins/apsb10-02.html http://www.packetstormsecurity.org/1001-exploits/SS-2010-001.txt http://www.redhat.com/support/errata/RHSA-2010-0060.html http://www.securityfocus.com/bid/37763 http://www.securitytracker.com/id?1023446 http://www.stratsec.net/files/SS-2010-001_Stratsec_Acrobat_Script_Injection_ • CWE-16: Configuration •