CVSS: 9.8EPSS: 59%CPEs: 32EXPL: 1CVE-2008-2549 – Adobe Acrobat Reader 8.1.2 - '.PDF' Remote Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2008-2549
04 Jun 2008 — Adobe Acrobat Reader 8.1.2 and earlier, and before 7.1.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed PDF document, as demonstrated by 2008-HI2.pdf. Adobe Acrobat Reader 8.1.2 y versiones anteriores, permiten a atacantes remotos provocar una denegación de servicio (caída de aplicación) y posiblemente la ejecución arbitraria de código a través de un documento PDF mal formado, como se ha demostrado por 2008-HI2.pdf. • https://www.exploit-db.com/exploits/5687 •
CVSS: 9.3EPSS: 2%CPEs: 76EXPL: 0CVE-2008-2042
https://notcve.org/view.php?id=CVE-2008-2042
08 May 2008 — The Javascript API in Adobe Acrobat Professional 7.0.9 and possibly 8.1.1 exposes a dangerous method, which allows remote attackers to execute arbitrary commands or trigger a buffer overflow via a crafted PDF file that invokes app.checkForUpdate with a malicious callback function. La API de JavaScript en Adobe Acrobat Professional versiones 7.0.9 y posiblemente 8.1.1 se expone a un método peligroso, el cual permite a atacantes remotos (1) ejecutar comandos de arbitrarios o (2) provocar un desbordamiento de ... • http://secunia.com/advisories/30840 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 93%CPEs: 2EXPL: 2CVE-2007-5659 – Adobe Acrobat and Reader Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2007-5659
12 Feb 2008 — Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655. Múltiples desbordamientos de búfer en Adobe Reader and Acrobat 8.1.1 y anteriores permiten a atacantes remotos ejecutar código de su elección a través de ficheros PDF con argumentos largos de métodos no especificados de JavaScript. NOTA: esta cuestión podría ser subsu... • https://www.exploit-db.com/exploits/31114 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.3EPSS: 40%CPEs: 2EXPL: 0CVE-2007-5663 – acroread JavaScript Insecure Method Exposure
https://notcve.org/view.php?id=CVE-2007-5663
12 Feb 2008 — Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file that calls an insecure JavaScript method in the EScript.api plug-in. NOTE: this issue might be subsumed by CVE-2008-0655. Adobe Reader y Acrobat 8.1.1 y anteriores permite a atacantes remotos ejecutar código de su elección a través de un archivo PDF manipulado que llama a un método JavaScript inseguro en el complemento EScript.api. NOTA: este problema podría estar incluido en CVE-2008-0655. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=656 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-5666 – acroread JavaScript Insecure Libary Search Path
https://notcve.org/view.php?id=CVE-2007-5666
12 Feb 2008 — Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 and earlier allows local users to execute arbitrary code via a malicious Security Provider library in the reader's current working directory. NOTE: this issue might be subsumed by CVE-2008-0655. Vulnerabilidad de ruta de búsqueda no confiable en Adobe Reader y Acrobat 8.1.1 y anteriores permite a usuarios locales ejecutar código de su elección a través de una librería maliciosa del proveedor de Seguridad en el directorio de trabajo actual... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=655 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.1EPSS: 40%CPEs: 1EXPL: 0CVE-2008-0667 – acroread: silent print vulnerability
https://notcve.org/view.php?id=CVE-2008-0667
11 Feb 2008 — The DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2, allows remote attackers to configure silent non-interactive printing, and trigger the printing of an arbitrary number of copies of a document. NOTE: this issue might be subsumed by CVE-2008-0655. La función DOC.print de la API Adobe JavaScript, utilizada por Adobe Acrobat y Reader en versiones anteriores a 8.1.2, permite a atacantes remotos configurar una impresión silenciosa no interactiva, y disparar la i... • http://kb.adobe.com/selfservice/viewContent.do?externalId=kb403079&sliceId=1 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 11%CPEs: 2EXPL: 0CVE-2008-0726 – Adobe Acrobat Javascript for PDF Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-0726
11 Feb 2008 — Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption. Desbordamiento de tipo integer en Adobe Reader y Acrobat 8.1.1 y anteriores. Permite a atacantes remotos ejecutar código de su elección a través de argumentos manipulados a los printSepsWithParams, lo que dispara corrupción de memoria. This vulnerability allows remote attackers to execute arbitrary code on vulnera... • http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00007.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 86%CPEs: 2EXPL: 1CVE-2008-0655 – Adobe Acrobat and Reader Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2008-0655
07 Feb 2008 — Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors. Múltiples vulnerabilidades no especificadas en Adobe Reader y Acrobat anterior a la versión 8.1.2 tienen vectores de impacto y ataque desconocidos. Adobe Acrobat and Reader contains an unespecified vulnerability described as a design flaw which could allow a specially crafted file to be printed silently an arbitrary number of times. • http://blogs.adobe.com/acroread/2008/02/adobe_reader_812_for_linux_and.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 6.5EPSS: 24%CPEs: 26EXPL: 3CVE-2007-1199 – Adobe Acrobat/Adobe Reader 7.0.9 - Information Disclosure
https://notcve.org/view.php?id=CVE-2007-1199
02 Mar 2007 — Adobe Reader and Acrobat Trial allow remote attackers to read arbitrary files via a file:// URI in a PDF document, as demonstrated with <</URI(file:///C:/)/S/URI>>, a different issue than CVE-2007-0045. Adobe Reader y Acrobat Trial permite a atacantes remotos leer archivos de su elección a través de una file:// URI en un documento PDF, como se demostró con <</URI(file:///C:/)/S/URI>>, un asunto diferente que CVE-2007-0045. • https://www.exploit-db.com/exploits/29686 •
CVSS: 8.8EPSS: 31%CPEs: 1EXPL: 2CVE-2007-0103 – Multiple PDF Readers - Multiple Remote Buffer Overflows
https://notcve.org/view.php?id=CVE-2007-0103
09 Jan 2007 — The Adobe PDF specification 1.3, as implemented by Adobe Acrobat before 8.0.0, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a crafted Pages attribute that references an invalid page tree node. La especificación de Adobe PDF 1.3, como se implementa en Adobe Acrobat anterior a 8.0.0, permite a atacantes remotos tener un impacto desconocido, pos... • https://www.exploit-db.com/exploits/29399 • CWE-20: Improper Input Validation •