Page 111 of 638 results (0.017 seconds)

CVSS: 9.3EPSS: 96%CPEs: 8EXPL: 2

CVE-2010-2883 – Adobe Acrobat and Reader Stack-Based Buffer Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2010-2883

Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010. NOTE: some of these details are obtained from third party information. Un desbordamiento de búfer en la región stack de la memoria en la biblioteca CoolType.dll en Adobe Reader y Acrobat versión 9.x anterior a 9.4 y versión 8.x anterior a 8.2.5 en Windows y Mac OS X, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (bloqueo de aplicación) por medio de un documento PDF con un campo largo en una tabla Smart INdependent Glyphlets (SING) en una fuente TTF, tal y como se explotó “in the wild” en septiembre de 2010. NOTA: algunos de estos datos se consiguen de la información de terceros. Adobe Acrobat and Reader contain a stack-based buffer overflow vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS). • https://www.exploit-db.com/exploits/16619 https://www.exploit-db.com/exploits/16494 http://blog.metasploit.com/2010/09/return-of-unpublished-adobe.html http://community.websense.com/blogs/securitylabs/archive/2010/09/10/brief-analysis-on-adobe-reader-sing-table-parsing-vulnerability-cve-2010-2883.aspx http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://secunia.com/advisories/41340 http:/ • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •

CVSS: 9.3EPSS: 91%CPEs: 3EXPL: 1

CVE-2010-2862 – Acrobat Acrobat - Font Parsing Integer Overflow

https://notcve.org/view.php?id=CVE-2010-2862

Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a Maximum Profile (maxp) table. Desbordamiento de entero en CoolType.dll de Adobe Reader v8.2.3 y v9.3.3, y Acrobat v9.3.3, permite a atacantes remotos ejecutar código a su elección a través de fuentes TrueType con un valor maxCompositePoints grande en una tabla Maximum Profile (maxp). • https://www.exploit-db.com/exploits/14642 http://secunia.com/advisories/40766 http://securityevaluators.com/files/papers/CrashAnalysis.pdf http://www.us-cert.gov/cas/techalerts/TA10-231A.html http://www.zdnet.co.uk/news/security-threats/2010/08/04/adobe-confirms-pdf-security-hole-in-reader-40089737 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11693 https://access.redhat.com/security/cve/CVE-2010-2862 https://bugzilla.redhat.com/show_bug.cgi?i • CWE-189: Numeric Errors CWE-190: Integer Overflow or Wraparound •

CVSS: 9.3EPSS: 29%CPEs: 48EXPL: 0

CVE-2010-2210 – acroread: multiple code execution flaws (APSB10-15)

https://notcve.org/view.php?id=CVE-2010-2210

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2211, and CVE-2010-2212. Vulnerabilidad en Adobe Reader y Acrobat v9.x anteriores a v9.3.3, y v8.x anteriores a v8.2.3 en Windows y Mac OS X, permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores desconocidos, una vulnerabilidad distinta a CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2211, and CVE-2010-2212. • http://www.adobe.com/support/security/bulletins/apsb10-15.html http://www.securityfocus.com/bid/41242 http://www.securitytracker.com/id?1024159 http://www.vupen.com/english/advisories/2010/1636 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6929 https://access.redhat.com/security/cve/CVE-2010-2210 https://bugzilla.redhat.com/show_bug.cgi?id=609203 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 6.8EPSS: 5%CPEs: 20EXPL: 0

CVE-2010-2203 – acroread: multiple code execution flaws (APSB10-15)

https://notcve.org/view.php?id=CVE-2010-2203

Adobe Reader and Acrobat 9.x before 9.3.3 on UNIX allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Reader y Acrobat v9.x anterior a v9.3.3 en UNIX permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) mediante vectores desconocidos • http://www.adobe.com/support/security/bulletins/apsb10-15.html http://www.securityfocus.com/bid/41235 http://www.securitytracker.com/id?1024159 http://www.vupen.com/english/advisories/2010/1636 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14495 https://access.redhat.com/security/cve/CVE-2010-2203 https://bugzilla.redhat.com/show_bug.cgi?id=609203 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 11%CPEs: 48EXPL: 0

CVE-2010-2206 – acroread: multiple code execution flaws (APSB10-15)

https://notcve.org/view.php?id=CVE-2010-2206

Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted GIF image in a PDF file, which bypasses a size check and triggers a heap-based buffer overflow. Error de índice de matriz en archivo AcroForm.api en Adobe Reader y Acrobat versión 9.x anterior a 9.3.3 y versión 8.x anterior a 8.2.3 en Windows y Mac OS X, permite a los atacantes remotos ejecutar código arbitrario por medio de una imagen GIF creada en un archivo PDF, lo que omite una comprobación de tamaño y desencadena un desbordamiento de búfer en la región heap de la memoria. • http://secunia.com/secunia_research/2010-88 http://www.adobe.com/support/security/bulletins/apsb10-15.html http://www.securityfocus.com/archive/1/512092/100/0/threaded http://www.securityfocus.com/bid/41241 http://www.securitytracker.com/id?1024159 http://www.vupen.com/english/advisories/2010/1636 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7200 https://access.redhat.com/security/cve/CVE-2010-2206 https://bugzilla.redhat.com/show_bug.cg • CWE-189: Numeric Errors •