CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 1CVE-2016-0954 – Adobe Digital Editions 4.5.0 - '.pdf' Critical Memory Corruption
https://notcve.org/view.php?id=CVE-2016-0954
Adobe Digital Editions before 4.5.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Digital Editions en versiones anteriores a 4.5.1 permite a atacantes ejecutar código arbitrario o provocar una denegación de servicio (corrupción de la memoria) a través de vectores no especificados. • https://www.exploit-db.com/exploits/39533 http://www.securityfocus.com/bid/84214 http://www.securitytracker.com/id/1035201 https://helpx.adobe.com/security/products/Digital-Editions/apsb16-06.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2014-8068
https://notcve.org/view.php?id=CVE-2014-8068
Adobe Digital Editions (DE) 4 does not use encryption for transmission of data to adelogs.adobe.com, which allows remote attackers to obtain sensitive information by sniffing the network, as demonstrated by book-navigation information. Adobe Digital Editions (DE) 4 no utiliza la codificación para la transmisión de datos a adelogs.adobe.com, lo que permite a atacantes remotos obtener información sensible mediante la captura de trafico de la red, tal y como fue demostrado por la información de la navegación por libros. • http://arstechnica.com/security/2014/10/adobes-e-book-reader-sends-your-reading-logs-back-to-adobe-in-plain-text http://secunia.com/advisories/61551 http://the-digital-reader.com/2014/10/06/adobe-spying-users-collecting-data-ebook-libraries http://twitter.com/AdobeSecurity/statuses/519826275008282624 https://exchange.xforce.ibmcloud.com/vulnerabilities/97696 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 2%CPEs: 1EXPL: 0CVE-2014-0494
https://notcve.org/view.php?id=CVE-2014-0494
Adobe Digital Editions 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via unspecified vectors. Adobe Digital Editions 2.0.1 permite a atacantes ejecutar código arbitrario o causar denegación de servicio (corrupción de memoria y caída de la aplicación) a través de vectores no especificados. • http://helpx.adobe.com/security/products/Digital-Editions/apsb14-03.html http://osvdb.org/102364 http://secunia.com/advisories/56578 http://www.securityfocus.com/bid/65091 http://www.securitytracker.com/id/1029680 https://exchange.xforce.ibmcloud.com/vulnerabilities/90648 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 0CVE-2013-1377
https://notcve.org/view.php?id=CVE-2013-1377
Adobe Digital Editions 2.x before 2.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Adobe Digital Editions 2.x anterior a 2.0.1 permite a atacantes la ejecución arbitraria de código o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://www.adobe.com/support/security/bulletins/apsb13-20.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 2.1EPSS: 0%CPEs: 4EXPL: 0CVE-2002-1017
https://notcve.org/view.php?id=CVE-2002-1017
Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup feature, capturing the encryption Challenge, and using the appropriate hash function to generate the activation code. • http://online.securityfocus.com/archive/1/285093 http://www.iss.net/security_center/static/9740.php http://www.securityfocus.com/bid/5358 •