Page 131 of 652 results (0.006 seconds)

CVSS: 6.8EPSS: 90%CPEs: 3EXPL: 3

CVE-2009-1493 – Adobe 8.1.4/9.1 - 'customDictionaryOpen()' Code Execution

https://notcve.org/view.php?id=CVE-2009-1493

The customDictionaryOpen spell method in the JavaScript API in Adobe Reader 9.1, 8.1.4, 7.1.1, and earlier on Linux and UNIX allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that triggers a call to this method with a long string in the second argument. El método spell customDictionaryOpen en la API de JavaScript en Adobe Reader v8.1.4 y v9.1 de Linux permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o ejecutar código arbitrario a través de un archivo PDF que activa una llamada a este método con una larga cadena de en el segundo argumento. • https://www.exploit-db.com/exploits/8570 http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://osvdb.org/54129 http://packetstorm.linuxsecurity.com/0904-exploits/spell.txt http://secunia.com/advisories/34924 http://secunia.com/advisories/35055&# • CWE-399: Resource Management Errors •

CVSS: 10.0EPSS: 56%CPEs: 99EXPL: 0

CVE-2009-0928 – acroread: multiple JBIG2-related security flaws

https://notcve.org/view.php?id=CVE-2009-0928

Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table. Desbordamiento de búfer basado en montículo en Adobe Acrobat Reader y Acrobat Professional v7.1.0, v8.1.3, v9.0.0 y otras versiones, permite a atacantes remotos ejecutar código de su elección a través de un archivo PDF que contiene una cadena JBIG2 con un tamaño inconsistente relacionado con una tabla sin especificar. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=776 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://secunia.com/advisories/34392 http://secunia.com/advisories/34490 http://secunia.com/advisories/34706 http://secunia.com/advisories/34790 http://security.gentoo.org/glsa/glsa-200904-17.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1 http: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •