CVSS: 9.3EPSS: 12%CPEs: 38EXPL: 0CVE-2016-0936 – Adobe Reader JPEG2000 Out-Of-Bounds Indexing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-0936
12 Jan 2016 — Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted JPEG 2000 data, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0938, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. Adobe Reader y Acrobat en versiones anteriores a 11.0... • http://www.securitytracker.com/id/1034646 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 21%CPEs: 38EXPL: 0CVE-2016-0937 – Adobe Acrobat Pro DC OCG Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-0937
12 Jan 2016 — Use-after-free vulnerability in the OCG object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0940, and CVE-2016-0941. Vulnerabilidad de uso después de liberación de memoria en la implementación del objeto OCG en Adobe... • http://www.securitytracker.com/id/1034646 •
CVSS: 9.3EPSS: 7%CPEs: 38EXPL: 0CVE-2016-0938 – Adobe Reader DC Forms Out-Of-Bounds Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-0938
12 Jan 2016 — The AcroForm plugin in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0939, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. El plugin AcroForm en Adobe Read... • http://www.securitytracker.com/id/1034646 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 7%CPEs: 38EXPL: 0CVE-2016-0939 – Adobe Acrobat Reader DC Uninitialized Memory Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-0939
12 Jan 2016 — Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (uninitialized pointer dereference and memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-0931, CVE-2016-0933, CVE-2016-0936, CVE-2016-0938, CVE-2016-0942, CVE-2016-0944, CVE-2016-0945, and CVE-2016-0946. Adobe Reader y Acr... • http://www.securitytracker.com/id/1034646 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 21%CPEs: 38EXPL: 0CVE-2016-0941 – Adobe Acrobat Reader DC Search Query Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-0941
12 Jan 2016 — Use-after-free vulnerability in the Search object implementation in Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-0932, CVE-2016-0934, CVE-2016-0937, and CVE-2016-0940. Vulnerabilidad de uso después de liberación de memoria en la implementación del objeto Search en... • http://www.securitytracker.com/id/1034646 •
CVSS: 8.8EPSS: 5%CPEs: 38EXPL: 0CVE-2016-0943 – Adobe Reader DC Global Javascript API Restrictions Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2016-0943
12 Jan 2016 — Adobe Reader and Acrobat before 11.0.14, Acrobat and Acrobat Reader DC Classic before 15.006.30119, and Acrobat and Acrobat Reader DC Continuous before 15.010.20056 on Windows and OS X mishandle the Global object, which allows attackers to bypass JavaScript API execution restrictions via unspecified vectors. Adobe Reader y Acrobat en versiones anteriores a 11.0.14, Acrobat y Acrobat Reader DC Classic en versiones anteriores a 15.006.30119 y Acrobat y Acrobat Reader DC Continuous en versiones anteriores a 15... • http://www.securitytracker.com/id/1034646 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 8.1EPSS: 0%CPEs: 20EXPL: 0CVE-2014-9150
https://notcve.org/view.php?id=CVE-2014-9150
30 Nov 2014 — Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568. Condición de carrera en la caracteristica 'MoveFileEx call hook' en Adobe Reader and Acrobat 11.x anterior a 11.0.09 en Windows permite a atacantes remotos evadir el mecanismo de protección de sandbox, y como consecuencia es... • http://helpx.adobe.com/security/products/reader/apsb14-28.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 9.3EPSS: 3%CPEs: 79EXPL: 0CVE-2012-4363 – Gentoo Linux Security Advisory 201308-03
https://notcve.org/view.php?id=CVE-2012-4363
21 Aug 2012 — Multiple unspecified vulnerabilities in Adobe Reader through 10.1.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, related to "sixteen more crashes affecting Windows, OS X, or both systems." Múltiples vulnerabilidades no especificadas en Adobe Reader through v10.1.4 permite a atacantes remotos causar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario a través de un documento PDF ma... • http://gynvael.coldwind.pl/?id=483 •
CVSS: 10.0EPSS: 96%CPEs: 6EXPL: 1CVE-2011-2462 – Adobe Acrobat and Reader Universal 3D Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2011-2462
07 Dec 2011 — Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011. Vulnerabilidad no especificada en el componente de U3D en Adobe Reader y Acrobat v10.1.1 y versiones anteriores para Windows y Mac OS X, y Adobe Reader v9.x hasta v9.4.6 en UNIX, permite... • https://www.exploit-db.com/exploits/18366 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 1%CPEs: 74EXPL: 0CVE-2011-2442 – acroread: multiple code execution flaws (APSB11-24)
https://notcve.org/view.php?id=CVE-2011-2442
15 Sep 2011 — Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error vulnerability." Adobe Reader y Acrobat v8.x antes de v8.3.1, v9.x antes de v9.4.6, y v10.x antes de v10.1.1, permite a atacantes remotos ejecutar código de su elección a través de vectores no especificados, relacionado con una "vulnerabilidad de error lógico". • http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00012.html • CWE-20: Improper Input Validation •