CVSS: 9.8EPSS: 36%CPEs: 2EXPL: 1CVE-2008-0655 – Adobe Acrobat and Reader Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2008-0655
Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors. Múltiples vulnerabilidades no especificadas en Adobe Reader y Acrobat anterior a la versión 8.1.2 tienen vectores de impacto y ataque desconocidos. Adobe Acrobat and Reader contains an unespecified vulnerability described as a design flaw which could allow a specially crafted file to be printed silently an arbitrary number of times. • http://blogs.adobe.com/acroread/2008/02/adobe_reader_812_for_linux_and.html http://kb.adobe.com/selfservice/viewContent.do?externalId=kb403079&sliceId=1 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00007.html http://secunia.com/advisories/28802 http://secunia.com/advisories/28851 http://secunia.com/advisories/28983 http://secunia.com/advisories/29065 http://secunia.com/advisories/29205 http://secunia.com/advisories/30840 http://security.gentoo.org/glsa/glsa-200803&# •
CVSS: 9.3EPSS: 27%CPEs: 2EXPL: 0CVE-2007-5020
https://notcve.org/view.php?id=CVE-2007-5020
Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted PDF file, related to the mailto: option and Internet Explorer 7 on Windows XP. NOTE: this information is based upon a vague pre-advisory by a reliable researcher. Una vulnerabilidad no especificada en Adobe Acrobat y Reader versión 8.1 en Windows, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo PDF diseñado, relacionado con la opción mailto: e Internet Explorer versión 7 en Windows XP. NOTA: esta información se basa en un asesoramiento previo vago por parte de un investigador confiable. • http://www.adobe.com/support/security/advisories/apsa07-04.html http://www.gnucitizen.org/blog/0day-pdf-pwns-windows http://www.securityfocus.com/archive/1/480080/100/0/threaded http://www.securityfocus.com/bid/25748 http://www.securitytracker.com/id?1018723 http://www.us-cert.gov/cas/techalerts/TA07-297B.html http://www.vupen.com/english/advisories/2007/3392 https://exchange.xforce.ibmcloud.com/vulnerabilities/36722 • CWE-94: Improper Control of Generation of Code ('Code Injection') •