Page 109 of 546 results (0.009 seconds)

CVSS: 9.8EPSS: 62%CPEs: 14EXPL: 0

CVE-2011-4373 – Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2011-4373

Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372. Adobe Reader y Adobe Acrobat antes de v9.5, y v10.x antes de v10.1.2, en Windows y Mac OS X permite a los atacantes ejecutar código de su elección o causar una denegación de servicio (por corrupción de memoria) a través de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2011-4370 y CVE-2011-4372. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within 2d.x3d, which is Adobe Reader's code responsible for processing BMP files. • http://www.adobe.com/support/security/bulletins/apsb12-01.html http://www.securityfocus.com/bid/51350 http://www.securitytracker.com/id?1026496 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14615 https://access.redhat.com/security/cve/CVE-2011-4373 https://bugzilla.redhat.com/show_bug.cgi?id=810397 • CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 2%CPEs: 14EXPL: 0

CVE-2011-4371 – acroread: multiple unspecified flaws (APSB12-08, APSB12-01)

https://notcve.org/view.php?id=CVE-2011-4371

Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via unspecified vectors. Adobe Reader y Adobe Acrobat antes de v9.5, y v10.x antes de v10.1.2 bajo Windows y Mac OS X permiten a los atacantes ejecutar código de su elección o causar una denegación de servicio (por corrupción de memoria dinámica) a través de vectores no especificados. • http://www.adobe.com/support/security/bulletins/apsb12-01.html http://www.securityfocus.com/bid/51351 http://www.securitytracker.com/id?1026496 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14809 https://access.redhat.com/security/cve/CVE-2011-4371 https://bugzilla.redhat.com/show_bug.cgi?id=810397 • CWE-787: Out-of-bounds Write •

CVSS: 9.8EPSS: 2%CPEs: 14EXPL: 0

CVE-2011-4372 – acroread: multiple unspecified flaws (APSB12-08, APSB12-01)

https://notcve.org/view.php?id=CVE-2011-4372

Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373. Adobe Reader y Adobe Acrobat antes de v9.5, y v10.x antes de v10.1.2, bajo Windows y Mac OS X permiten a los atacantes ejecutar código de su elección o causar una denegación de servicio (por corrupción de memoria) a través de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2011-4370 y CVE-2011-4373. • http://www.adobe.com/support/security/bulletins/apsb12-01.html http://www.securityfocus.com/bid/51349 http://www.securitytracker.com/id?1026496 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14857 https://access.redhat.com/security/cve/CVE-2011-4372 https://bugzilla.redhat.com/show_bug.cgi?id=810397 • CWE-787: Out-of-bounds Write •

CVSS: 7.5EPSS: 2%CPEs: 14EXPL: 0

CVE-2011-4370 – acroread: multiple unspecified flaws (APSB12-08, APSB12-01)

https://notcve.org/view.php?id=CVE-2011-4370

Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4372 and CVE-2011-4373. Adobe Reader y Adobe Acrobat antes de v9.5, y v10.x antes de v10.1.2 para Windows y Mac OS X permiten a los atacantes ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2011-4372 y CVE-2011-4373. • http://www.adobe.com/support/security/bulletins/apsb12-01.html http://www.securityfocus.com/bid/51348 http://www.securitytracker.com/id?1026496 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14801 https://access.redhat.com/security/cve/CVE-2011-4370 https://bugzilla.redhat.com/show_bug.cgi?id=810397 • CWE-787: Out-of-bounds Write •

CVSS: 10.0EPSS: 6%CPEs: 2EXPL: 0

CVE-2009-0836

https://notcve.org/view.php?id=CVE-2009-0836

Foxit Reader 2.3 before Build 3902 and 3.0 before Build 1506, including 1120 and 1301, does not require user confirmation before performing dangerous actions defined in a PDF file, which allows remote attackers to execute arbitrary programs and have unspecified other impact via a crafted file, as demonstrated by the "Open/Execute a file" action. Foxit Reader v2.3 anterior a Build 3902 y v3.0 anterior a Build 1506, incluidas la 1120 y 1301, no requiere la confirmación del usuario antes de realizar acciones peligrosas en un fichero PDF, lo que permite a atacantes remotos ejecutar programas de manera arbitraria y pudiendo producir un impacto sin especificar a través de un fichero manipulado, como se ha demostrado en la acción "Abrir/Ejecutar fichero". • http://blog.zoller.lu/2009/03/remote-code-execution-in-pdf-still.html http://lists.immunitysec.com/pipermail/dailydave/2010-April/006079.html http://secunia.com/advisories/34036 http://www.coresecurity.com/content/foxit-reader-vulnerabilities http://www.foxitsoftware.com/pdf/reader/security.htm#bypass http://www.securityfocus.com/archive/1/501623/100/0/threaded http://www.securityfocus.com/bid/34035 http://www.securitytracker.com/id?1021824 http://www.vupen.com/english/advisories/2009&#x • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •