Page 134 of 669 results (0.004 seconds)

CVSS: 7.5EPSS: 5%CPEs: 14EXPL: 1

Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. Varios visores de PDF, incluidos Adobe Acrobat 5.06 y Xpdf 1.01 permiten a atacantes remotos la ejecución arbitraria de comandos mediante metacaracteres de shell en un hipervínculo embebido. • https://www.exploit-db.com/exploits/22771 http://lists.grok.org.uk/pipermail/full-disclosure/2003-June/005719.html http://marc.info/?l=bugtraq&m=105777963019186&w=2 http://secunia.com/advisories/9037 http://secunia.com/advisories/9038 http://www.kb.cert.org/vuls/id/200132 http://www.mandriva.com/security/advisories?name=MDKSA-2003:071 http://www.redhat.com/support/errata/RHSA-2003-196.html http://www.redhat.com/support/errata/RHSA-2003-197.html https://oval. •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus. Adobe Acrobat 5 no valida adecuadamente JavaScript en ficheros PDF, lo cual permite a atacantes remotos, escribir ficheros arbitrarios en el directorio Plug-ins, que se propaga a otros documentos PDF, como demostró el virus W32.Yourde. • http://www.adobe.com/support/downloads/detail.jsp?ftpID=2121 http://www.kb.cert.org/vuls/id/184820 •

CVSS: 4.6EPSS: 0%CPEs: 12EXPL: 0

The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe. El mecanismo de firma digital del visor de PDF Adobe Acrobat Reader sólo verifica la cabecera PE del código ejecutable de un plug-in, lo que puede permitir a atacantes ejecutar código arbitrario en modo certificado haciendo que parezca que el plug-in parezca firmado por Adobe. • http://archives.neohapsis.com/archives/vulnwatch/2003-q1/0148.html http://lists.grok.org.uk/pipermail/full-disclosure/2003-March/004230.html http://www.kb.cert.org/vuls/id/549913 http://www.kb.cert.org/vuls/id/JSHA-5EZQGZ •

CVSS: 7.6EPSS: 0%CPEs: 8EXPL: 0

Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fill In products that handle PDF files allows attackers to execute arbitrary commands via a long /Registry or /Ordering specifier. • http://archives.neohapsis.com/archives/bugtraq/2000-07/0382.html http://www.adobe.com/misc/pdfsecurity.html http://www.securityfocus.com/bid/1509 •