CVE-2010-3623
https://notcve.org/view.php?id=CVE-2010-3623
Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Vulnerabilidad no especificada en Adobe Reader y Acrobat v8.x anterior a v8.2.5 y v9.x anterior a v9.4 en Mac OS X, permite a atacantes ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://www.adobe.com/support/security/bulletins/apsb10-21.html http://www.us-cert.gov/cas/techalerts/TA10-279A.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14129 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-3625 – acroread: multiple code execution flaws (APSB10-21)
https://notcve.org/view.php?id=CVE-2010-3625
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability." Vulnerabilidad no especificada en Adobe Reader y Acrobat v9.x anterior a v9.4 y v8.x anterior a v8.2.5 en Windows y Mac OS X, permite a atacantes ejecutar código de su elección a través de vecotes no especificados, relacionado con una vulnerabilidad de manejador de protocolo de prefijo (prefix protocol handler vulnerability) • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://secunia.com/advisories/43025 http://security.gentoo.org/glsa/glsa-201101-08.xml http://www.adobe.com/support/security/bulletins/apsb10-21.html http://www.redhat.com/support/errata/RHSA-2010-0743.html http://www.us-cert.gov/cas/techalerts/TA10-279A.html http://www.vupen.com/english/advisories/2011/0191 https://oval.cisecurit • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2010-3621 – Adobe Reader ICC Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3621
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658. Adobe Reader y Acrobat v8.x anterior a v8.2.5 y v9.x anterior a v9.4 en Windows y Mac OS X, permite a atacantes ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. Una vulnerabilidad diferente de CVE-2010-2890, CVE-2010-3619, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, y CVE-2010-3658. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required in that a target must be coerced into opening a file or visiting a web page. The specific flaw exists within the ACE.dll module responsible for parsing ICC streams. • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://secunia.com/advisories/43025 http://security.gentoo.org/glsa/glsa-201101-08.xml http://www.adobe.com/support/security/bulletins/apsb10-21.html http://www.redhat.com/support/errata/RHSA-2010-0743.html http://www.us-cert.gov/cas/techalerts/TA10-279A.html http://www.vupen.com/english/advisories/2011/0191 https://oval.cisecurit • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-3622 – Adobe Acrobat Reader ICC mluc Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3622
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658. Vulnerabilidad no especificada en Adobe Reader y Acrobat v8.x anterior a v8.2.5 y v9.x anterior a v9.4 permite a atacantes ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente de CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3628, CVE-2010-3632, y CVE-2010-3658. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required in that a target must be coerced into opening a file or visiting a web page. The specific flaw exists within the ACE.dll module responsible for parsing ICC streams. Within the 'desc' tag there exists an embedded 'mluc' data structure. • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://secunia.com/advisories/43025 http://security.gentoo.org/glsa/glsa-201101-08.xml http://www.adobe.com/support/security/bulletins/apsb10-21.html http://www.redhat.com/support/errata/RHSA-2010-0743.html http://www.us-cert.gov/cas/techalerts/TA10-279A.html http://www.vupen.com/english/advisories/2011/0191 https://oval.cisecurit • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2010-3632 – Adobe Acrobat Reader Multimedia Playing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3632
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3658. Adobe Reader y Acrobat v9.x anterior a v9.4, y v8.x anterior a v8.2.5 en Windows y Mac OS X, permite a atacantes ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. Una vulnerabilidad diferente de CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, y CVE-2010-3658. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application explicitly trusting a string's length embedded within a particular file format. • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://secunia.com/advisories/43025 http://security.gentoo.org/glsa/glsa-201101-08.xml http://www.adobe.com/support/security/bulletins/apsb10-21.html http://www.redhat.com/support/errata/RHSA-2010-0743.html http://www.us-cert.gov/cas/techalerts/TA10-279A.html http://www.vupen.com/english/advisories/2011/0191 https://oval.cisecurit • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •