CVSS: 10.0EPSS: 1%CPEs: 81EXPL: 0CVE-2013-0609 – acroread: multiple code execution flaws (APSB13-02)
https://notcve.org/view.php?id=CVE-2013-0609
Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0613. Un desbordamiento de entero en Adobe Reader y Acrobat v9.x antes de v9.5.3, v10.x antes de v10.1.5 y v11.x antes de v11.0.1 permite a los atacantes ejecutar código de su elección a través de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2013-0613. • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00005.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00028.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00081.html http://rhn.redhat.com/errata/RHSA-2013-0150.html http://security.gentoo.org/glsa/glsa-201308-03.xml http://www.adobe.com/support/security/bulletins/apsb13-02.html https://oval.cisecurity.org/repository/search/defi • CWE-189: Numeric Errors •
CVSS: 10.0EPSS: 1%CPEs: 81EXPL: 0CVE-2013-0611 – acroread: multiple code execution flaws (APSB13-02)
https://notcve.org/view.php?id=CVE-2013-0611
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0608, CVE-2013-0614, and CVE-2013-0618. Adobe Reader y Acrobat v9.x antes de v9.5.3, v10.x antes de v10.1.5 y v11.x antes de v11.0.1 permiten a un atacante ejecutar código de su elección a través de vectores no especificados. Se trata de un problema relacionado con un "error lógico". Se trata de una vulnerabilidad diferente a CVE-2013-0607, CVE-2013-0608, CVE-2013-0614 y CVE-2013-0618. • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00005.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00028.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00081.html http://rhn.redhat.com/errata/RHSA-2013-0150.html http://security.gentoo.org/glsa/glsa-201308-03.xml http://www.adobe.com/support/security/bulletins/apsb13-02.html https://oval.cisecurity.org/repository/search/defi • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 81EXPL: 0CVE-2013-0608 – acroread: multiple code execution flaws (APSB13-02)
https://notcve.org/view.php?id=CVE-2013-0608
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error," a different vulnerability than CVE-2013-0607, CVE-2013-0611, CVE-2013-0614, and CVE-2013-0618. Adobe Reader y Acrobat v9.x antes de v9.5.3, v10.x antes de v10.1.5 y v11.x antes de v11.0.1 permiten a un atacante ejecutar código de su elección a través de vectores no especificados. Se trata de un problema relacionado con un "error lógico". Se trata de una vulnerabilidad diferente a CVE-2013-0607, CVE-2013-0611, CVE-2013-0614 y CVE-2013-0618. • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00005.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00028.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00081.html http://rhn.redhat.com/errata/RHSA-2013-0150.html http://security.gentoo.org/glsa/glsa-201308-03.xml http://www.adobe.com/support/security/bulletins/apsb13-02.html https://oval.cisecurity.org/repository/search/defi • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 1%CPEs: 81EXPL: 0CVE-2013-0616 – acroread: multiple code execution flaws (APSB13-02)
https://notcve.org/view.php?id=CVE-2013-0616
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623. Adobe Reader y Acrobat v9.x antes de v9.5.3, v10.x antes de v10.1.5 y v11.x antes de v11.0.1 permiten a un atacante ejecutar código de su elección o causar una denegación de servicio (por corrupción de la memoria) a través de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2012-1530, CVE-2013-0601, CVE-2013-0605, CVE-2013-0619, CVE-2013-0620 y CVE-2013-0623. • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00005.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00028.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00081.html http://rhn.redhat.com/errata/RHSA-2013-0150.html http://security.gentoo.org/glsa/glsa-201308-03.xml http://www.adobe.com/support/security/bulletins/apsb13-02.html https://oval.cisecurity.org/repository/search/defi •
CVSS: 9.3EPSS: 96%CPEs: 26EXPL: 1CVE-2011-0609 – Adobe Flash Player Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2011-0609
Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011. Vulnerabilidad sin especificar en Adobe Flash Player 10.2.154.13 y versiones anteriores en Windows, Mac OS X, Linux y Solaris, y 10.1.106.16 y anteriores en Android, y Authplay.dll (AuthPlayLib.bundle) de Adobe Reader y Acrobat 9.x hasta 9.4.2 y 10.x hasta 10.0.1 en Windows y Mac OS X. Permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (caída de la aplicación) a través de contenido Flash modificado, como se ha demostrado con un fichero .swf embebido en una hoja de cálculo Excel. Se ha explotado en Internet en Marzo del 2011. Adobe Flash Player contains an unspecified vulnerability that allows remote attackers to execute code or cause denial-of-service (DoS). • https://www.exploit-db.com/exploits/17027 http://blogs.adobe.com/asset/2011/03/background-on-apsa11-01-patch-schedule.html http://googlechromereleases.blogspot.com/2011/03/stable-and-beta-channel-updates_15.html http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html http://secunia.com/advisories/43751 http://secunia.com/advisories/43757 http://secunia.com/advisories/43772 http://secunia.com/advisories/43856 http://securityreason.com/securityalert/8152 http://www.ado •