CVSS: 10.0EPSS: 14%CPEs: 52EXPL: 0CVE-2012-0774 – acroread: multiple unspecified flaws (APSB12-08, APSB12-01)
https://notcve.org/view.php?id=CVE-2012-0774
Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code via a crafted TrueType font. Desbordamiento de entero en Adobe Reader y Acrobat v9.x anteriores a v9.5.1 y v10.x anterior a v10.1.3, permite a atacantes ejecutar código a su elección a través de una fuente TrueType manipulada. • http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00017.html http://rhn.redhat.com/errata/RHSA-2012-0469.html http://secunia.com/advisories/48756 http://secunia.com/advisories/48846 http://www.adobe.com/support/security/bulletins/apsb12-08.html http://www.securityfocus.com/bid/52951 http://www.securitytracker.com/id?1026908 ht • CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 1%CPEs: 8EXPL: 0CVE-2012-0777 – acroread: multiple unspecified flaws (APSB12-08, APSB12-01)
https://notcve.org/view.php?id=CVE-2012-0777
The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 on Mac OS X and Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. La API JavaScript en Adobe Reader y Acrobat v9.x anteriores a v9.5.1 y v10.x anteriores a v10.1.3 en Mac OS X y Linuxm permite a atacantes ejecutar código o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00017.html http://rhn.redhat.com/errata/RHSA-2012-0469.html http://secunia.com/advisories/48756 http://secunia.com/advisories/48846 http://www.adobe.com/support/security/bulletins/apsb12-08.html http://www.securityfocus.com/bid/52950 http://www.securitytracker.com/id?1026908 ht • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 7%CPEs: 52EXPL: 0CVE-2012-0775 – acroread: multiple unspecified flaws (APSB12-08, APSB12-01)
https://notcve.org/view.php?id=CVE-2012-0775
The JavaScript implementation in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. La implantanción de JavaScript de Adobe Reader y Acrobat 9.x anteriores 9.5.1 y 10.x anteriores a 10.1.3 permite a atacantes ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de vectores sin especificar. • http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00017.html http://rhn.redhat.com/errata/RHSA-2012-0469.html http://secunia.com/advisories/48756 http://secunia.com/advisories/48846 http://www.adobe.com/support/security/bulletins/apsb12-08.html http://www.securityfocus.com/bid/52949 http://www.securitytracker.com/id?1026908 ht • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 52EXPL: 0CVE-2012-0776
https://notcve.org/view.php?id=CVE-2012-0776
The installer in Adobe Reader 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors. El instalador en Adobe Reader v9.x anteriores a v9.5.1 y v10.x anterior a la v10.1.3 permite a atacantes evitar las restricciones de acceso y ejecutar código a través de vectores no especificados. • http://www.adobe.com/support/security/bulletins/apsb12-08.html http://www.securitytracker.com/id?1026908 http://www.us-cert.gov/cas/techalerts/TA12-101B.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15270 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.8EPSS: 62%CPEs: 14EXPL: 0CVE-2011-4373 – Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-4373
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372. Adobe Reader y Adobe Acrobat antes de v9.5, y v10.x antes de v10.1.2, en Windows y Mac OS X permite a los atacantes ejecutar código de su elección o causar una denegación de servicio (por corrupción de memoria) a través de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2011-4370 y CVE-2011-4372. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader X. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within 2d.x3d, which is Adobe Reader's code responsible for processing BMP files. • http://www.adobe.com/support/security/bulletins/apsb12-01.html http://www.securityfocus.com/bid/51350 http://www.securitytracker.com/id?1026496 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14615 https://access.redhat.com/security/cve/CVE-2011-4373 https://bugzilla.redhat.com/show_bug.cgi?id=810397 • CWE-787: Out-of-bounds Write •