CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2016-7888 – Adobe Digital Editions FlateDecode Out-of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2016-7888
Adobe Digital Editions versions 4.5.2 and earlier has an important vulnerability that could lead to memory address leak. Adobe Digital Editions versión 4.5.2 y versiones anteriores tiene una vulnerabilidad importante que podría conducir a filtraciones de direcciones de memoria. This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Adobe Digital Editions. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of FlateDecode streams in PDF files. The process does not properly validate user-supplied data which can result in a read past the end of an allocated object. • http://www.securityfocus.com/bid/94880 http://www.securitytracker.com/id/1037466 http://www.zerodayinitiative.com/advisories/ZDI-16-636 https://helpx.adobe.com/security/products/Digital-Editions/apsb16-45.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 4%CPEs: 1EXPL: 0CVE-2016-6980 – Adobe Digital Editions ePub Font Parsing Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-6980
Use-after-free vulnerability in Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4263. Vulnerabilidad de uso después de liberación de memoria en Adobe Digital Editions en versiones anteriores a 4.5.2 permite a atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4263. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Digital Editions. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of fonts in ePub files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. • http://www.securityfocus.com/bid/93179 http://www.securitytracker.com/id/1036793 https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html • CWE-416: Use After Free •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2016-4259
https://notcve.org/view.php?id=CVE-2016-4259
Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4260, CVE-2016-4261, and CVE-2016-4262. Adobe Digital Editions en versiones anteriores a 4.5.2 permite a atacantes ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4260, CVE-2016-4261 y CVE-2016-4262. • http://www.securityfocus.com/bid/92928 http://www.securitytracker.com/id/1036793 https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2016-4260
https://notcve.org/view.php?id=CVE-2016-4260
Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4261, and CVE-2016-4262. Adobe Digital Editions en versiones anteriores a 4.5.2 permite a atacantes ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4261 y CVE-2016-4262. • http://www.securityfocus.com/bid/92928 http://www.securitytracker.com/id/1036793 https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0CVE-2016-4256
https://notcve.org/view.php?id=CVE-2016-4256
Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4260, CVE-2016-4261, and CVE-2016-4262. Adobe Digital Editions en versiones anteriores a 4.5.2 permite a atacantes ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4260, CVE-2016-4261 y CVE-2016-4262. • http://www.securityfocus.com/bid/92928 http://www.securitytracker.com/id/1036793 https://helpx.adobe.com/security/products/Digital-Editions/apsb16-28.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •