CVSS: 10.0EPSS: 3%CPEs: 4EXPL: 0CVE-2016-7886
https://notcve.org/view.php?id=CVE-2016-7886
Adobe InDesign version 11.4.1 and earlier, Adobe InDesign Server 11.0.0 and earlier have an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. Adobe InDesign versión 11.4.1 y versiones anteriores, Adobe InDesign Server 11.0.0 y versiones anteriores tienen una vulnerabilidad explotable de corrupción de memoria. Una explotación exitosa puede resultar en una ejecución de código arbitrario. • http://www.securityfocus.com/bid/94868 http://www.securitytracker.com/id/1037467 https://helpx.adobe.com/security/products/indesign/apsb16-43.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 2%CPEs: 1EXPL: 2CVE-2010-3153 – Adobe InDesign CS4 - 'ibfs32.dll' DLL Hijacking
https://notcve.org/view.php?id=CVE-2010-3153
Untrusted search path vulnerability in Adobe InDesign CS4 6.0, InDesign CS5 7.0.2 and earlier, Adobe InDesign Server CS5 7.0.2 and earlier, and Adobe InCopy CS5 7.0.2 and earlier allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse ibfs32.dll that is located in the same folder as an .indl, .indp, .indt, or .inx file. Vulnerabilidad de ruta de búsqueda no confiable en Adobe InDesign CS4 v6.0 permite a usuarios locales, y puede que atacantes remotos, ejecutar código de su elección y producir un ataque de secuestro de DLL, a través de un troyano ibfs32.dll que está ubicado en la misma carpeta que un fichero .indl, .indp, .indt, o .inx. • https://www.exploit-db.com/exploits/14775 http://secunia.com/advisories/41126 http://www.adobe.com/support/security/bulletins/apsb10-24.html http://www.exploit-db.com/exploits/14775 http://www.securityfocus.com/archive/1/513340/100/0/threaded http://www.securitytracker.com/id?1024612 •
CVSS: 9.3EPSS: 27%CPEs: 1EXPL: 4CVE-2010-2321 – Adobe InDesign CS3 - '.INDD' Handling Buffer Overflow
https://notcve.org/view.php?id=CVE-2010-2321
Buffer overflow in Adobe InDesign CS3 10.0 allows user-assisted remote attackers to execute arbitrary code via a crafted .indd file. Desbordamiento de búfer en Adobe InDesign CS3 v10.0, permite a atacantes remotos asistidos por usuarios, ejecutar código de su elección mediante un fichero .indd manipulado. • https://www.exploit-db.com/exploits/13817 http://secunia.com/advisories/40050 http://www.exploit-db.com/exploits/13817 http://www.osvdb.org/65140 http://www.securityfocus.com/bid/40565 http://www.vupen.com/english/advisories/2010/1347 http://www.zeroscience.mk/en/vulnerabilities/ZSL-2010-4941.php https://exchange.xforce.ibmcloud.com/vulnerabilities/59132 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.6EPSS: 0%CPEs: 60EXPL: 0CVE-2006-0525
https://notcve.org/view.php?id=CVE-2006-0525
Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group, which allows local users to gain privileges via Trojan horse programs. • http://secunia.com/advisories/18698 http://securitytracker.com/id?1015577 http://securitytracker.com/id?1015578 http://securitytracker.com/id?1015579 http://www.adobe.com/support/techdocs/332644.html http://www.cs.princeton.edu/~sudhakar/papers/winval.pdf http://www.kb.cert.org/vuls/id/953860 http://www.osvdb.org/22908 http://www.securityfocus.com/archive/1/423587/100/0/threaded http://www.securityfocus.com/bid/16451 http://www.vupen.com/english/advisories/2006/ • CWE-264: Permissions, Privileges, and Access Controls •