CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2018-5679
https://notcve.org/view.php?id=CVE-2018-5679
24 May 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an all... • http://www.securityfocus.com/bid/104300 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2018-5680
https://notcve.org/view.php?id=CVE-2018-5680
24 May 2018 — This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Foxit Reader before 9.1 and PhantomPDF before 9.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of specially crafted pdf files with embedded u3d images. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an all... • http://www.securityfocus.com/bid/104300 • CWE-125: Out-of-bounds Read •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2018-7406
https://notcve.org/view.php?id=CVE-2018-7406
24 May 2018 — An issue was discovered in Foxit Reader before 9.1 and PhantomPDF before 9.1. This vulnerability allows remote attackers to execute arbitrary code. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the u3d images inside of a pdf. The issue results from the lack of proper validation of user-supplied data, which can result in an array indexing issue. • http://www.securityfocus.com/bid/104300 • CWE-129: Improper Validation of Array Index •
CVSS: 9.3EPSS: 8%CPEs: 10EXPL: 0CVE-2017-3016
https://notcve.org/view.php?id=CVE-2017-3016
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupción de memoria. La explotación con éxito de esta vulnerabilidad podría permitir la ejecución arbitrar... • http://www.securityfocus.com/bid/100179 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 8%CPEs: 10EXPL: 0CVE-2017-3116
https://notcve.org/view.php?id=CVE-2017-3116
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in the MakeAccessible plugin when parsing TrueType font data. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupción de memoria en el plugin MakeAccesibl... • http://www.securityfocus.com/bid/100179 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 29%CPEs: 10EXPL: 0CVE-2017-3117
https://notcve.org/view.php?id=CVE-2017-3117
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in the plugin that handles links within the PDF. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de desbordamiento de memoria dinámica en el plugin que gestiona enl... • http://www.securityfocus.com/bid/100180 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 15%CPEs: 10EXPL: 0CVE-2017-3118
https://notcve.org/view.php?id=CVE-2017-3118
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has a security bypass vulnerability related to execution of malicious attachments. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de omisión de seguridad relacionada con la ejecución de archivos adjuntos maliciosos. • http://www.securityfocus.com/bid/100189 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 12%CPEs: 10EXPL: 0CVE-2017-3119
https://notcve.org/view.php?id=CVE-2017-3119
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable memory corruption vulnerability in Acrobat/Reader 11.0.19 engine. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de corrupción de memoria en el motor Acrobat/Reader 11.0.19. La explotación co... • http://www.securityfocus.com/bid/100179 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 13%CPEs: 10EXPL: 0CVE-2017-11220
https://notcve.org/view.php?id=CVE-2017-11220
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable heap overflow vulnerability in an internal data structure. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad de desbordamiento de memoria dinámica en una estructura de datos interna. La explotac... • http://www.securityfocus.com/bid/100180 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 13%CPEs: 10EXPL: 0CVE-2017-11221
https://notcve.org/view.php?id=CVE-2017-11221
11 Aug 2017 — Adobe Acrobat Reader 2017.009.20058 and earlier, 2017.008.30051 and earlier, 2015.006.30306 and earlier, and 11.0.20 and earlier has an exploitable type confusion vulnerability in the annotation functionality. Successful exploitation could lead to arbitrary code execution. Adobe Acrobat Reader 2017.009.20058 y anteriores, 2017.008.30051 y anteriores, 2015.006.30306 y anteriores, y 11.0.20 y anteriores tiene una vulnerabilidad explotable de confusión de tipo en la funcionalidad de anotación. La explotación c... • http://www.securityfocus.com/bid/100181 • CWE-704: Incorrect Type Conversion or Cast •