Page 113 of 565 results (0.004 seconds)

CVSS: 5.1EPSS: 6%CPEs: 9EXPL: 0

The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and earlier, when used with Internet Explorer, allows remote attackers to determine the existence of arbitrary files via the LoadFile ActiveX method. • http://secunia.com/advisories/14813 http://www.adobe.com/support/techdocs/331465.html http://www.hyperdose.com/advisories/H2005-06.txt http://www.niscc.gov.uk/niscc/docs/re-20050401-00264.pdf http://www.osvdb.org/15242 http://www.securityfocus.com/bid/12989 http://www.vupen.com/english/advisories/2005/0310 •

CVSS: 7.5EPSS: 5%CPEs: 11EXPL: 0

Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and possibly other versions, allows remote attackers to execute arbitrary code via a URI for a PDF file with a null terminator (%00) followed by a long string. Desbordamiento de búfer en el componente ActiveX (pdf.ocx) de Adobe Acrobat 5.0.5 y Acrobat Reader, y posiblemente otras versiones, permite a atacantes remotos ejecutar código de su elección mediante una URI de un fichero PDF con un terminador nulo (%00) seguido por una cadena larga. • http://www.adobe.com/support/techdocs/330527.html http://www.gentoo.org/security/en/glsa/glsa-200408-14.xml http://www.idefense.com/application/poi/display?id=126&type=vulnerabilities http://www.securityfocus.com/bid/10947 https://exchange.xforce.ibmcloud.com/vulnerabilities/16998 •

CVSS: 10.0EPSS: 7%CPEs: 3EXPL: 1

Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via a long filename for the PDF file that is provided to the uudecode command. Desbordamiento de búfer en la característica uudecoding de Adobe Acrobat Reader 5.0.5 y 5.0.6 de Unix y Linux, u posiblemente otras versiones incluyendo aquellas anteriores a 5.0.9, permite a atacantes remotos ejecutar código de su elección mediane un nombre de fichero largo para el PDF que es suministrado a al orden uudecode. • http://security.gentoo.org/glsa/glsa-200408-14.xml http://www.adobe.com/support/techdocs/322914.html http://www.idefense.com/application/poi/display?id=125&type=vulnerabilities http://www.redhat.com/support/errata/RHSA-2004-432.html http://www.securityfocus.com/bid/10932 https://exchange.xforce.ibmcloud.com/vulnerabilities/16972 https://access.redhat.com/security/cve/CVE-2004-0631 https://bugzilla.redhat.com/show_bug.cgi?id=1617242 •

CVSS: 10.0EPSS: 13%CPEs: 3EXPL: 0

The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode command. La caractérística uudecoding en Adobe Acrobat Reader 5.0.5 a 5.0.6 para Unix y Linux, y posiblemente otras versiones incluyendo aquellas anteriores a 5.0.9, permite a atacantes remotos ejecutar código arbitrario mediante metacaractéres de shell ("`" o comilla invertida) en el nombre del fichero que es suministrado a la orden uudecode. • http://security.gentoo.org/glsa/glsa-200408-14.xml http://www.adobe.com/support/techdocs/322914.html http://www.idefense.com/application/poi/display?id=124&type=vulnerabilities http://www.redhat.com/support/errata/RHSA-2004-432.html http://www.securityfocus.com/bid/10931 https://exchange.xforce.ibmcloud.com/vulnerabilities/16973 https://access.redhat.com/security/cve/CVE-2004-0630 https://bugzilla.redhat.com/show_bug.cgi?id=1617241 •

CVSS: 4.6EPSS: 0%CPEs: 12EXPL: 0

The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe. El mecanismo de firma digital del visor de PDF Adobe Acrobat Reader sólo verifica la cabecera PE del código ejecutable de un plug-in, lo que puede permitir a atacantes ejecutar código arbitrario en modo certificado haciendo que parezca que el plug-in parezca firmado por Adobe. • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0148.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004230.html http://www.kb.cert.org/vuls/id/549913 http://www.kb.cert.org/vuls/id/JSHA-5EZQGZ •