CVSS: 10.0EPSS: 1%CPEs: 81EXPL: 0CVE-2013-1376 – acroread: multiple code execution flaws (APSB13-02)
https://notcve.org/view.php?id=CVE-2013-1376
Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621. Desbordamiento de búfer en Adobe Reader y Acrobat 9.x anterior a la versión 9.5.3, 10.x anterior a 10.1.5, y 11.x anterior a la versión 11.0.1 permite a atacantes remotos ejecutar código arbitrario a través de vectores sin especificar, una vulnerabilidad diferente a CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, CVE-2013-0617, y CVE-2013-0621. • http://www.adobe.com/support/security/bulletins/apsb13-02.html https://access.redhat.com/security/cve/CVE-2013-1376 https://bugzilla.redhat.com/show_bug.cgi?id=893235 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 97%CPEs: 6EXPL: 1CVE-2013-3346 – Adobe Reader and Acrobat Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2013-3346
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. Adobe Reader y Acrobat v9.x anterior a v9.5.5, v10.x anterior a v10.1.7, y v11.x anterior a v11.0.03 permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) mediante vectores no especificados, una vulnerabilidad diferente a CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, y CVE-2013-3341. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the callbacks associated with ToolButton objects. A reference to the ToolButton object is kept when executing a callback which can lead to a use-after-free scenario if the callback removes the ToolButton object. • https://www.exploit-db.com/exploits/30394 http://www.adobe.com/support/security/bulletins/apsb13-15.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19054 https://access.redhat.com/security/cve/CVE-2013-3346 https://bugzilla.redhat.com/show_bug.cgi?id=962931 • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 93EXPL: 0CVE-2013-3342
https://notcve.org/view.php?id=CVE-2013-3342
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 do not properly handle operating-system domain blacklists, which has unspecified impact and attack vectors. Adobe Reader y Acrobat v9.x antes de v9.5.5, v10.x antes de v10.1.7 y v11.x antes de v11.0.03 no maneja adecuadamente las listas negras de dominio del sistema operativo, lo cual tiene un impacto no especificado y vectores de ataque. • http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html http://security.gentoo.org/glsa/glsa-201308-03.xml http://www.adobe.com/support/security/bulletins/apsb13-15.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16063 • CWE-20: Improper Input Validation •
CVSS: 10.0EPSS: 28%CPEs: 93EXPL: 0CVE-2013-2718 – acroread: multiple code execution flaws (APSB13-15)
https://notcve.org/view.php?id=CVE-2013-2718
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. Adobe Reader y Acrobat v9.x anterior a v9.5.5, v10.x anterior a v10.1.7, y v11.x anterior a v11.0.03 permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) mediante vectores desconocidos, una vulnerabilidad diferente a CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, y CVE-2013-3341. • http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html http://rhn.redhat.com/errata/RHSA-2013-0826.html http://security.gentoo.org/glsa/glsa-201308-03.xml http://www.adobe.com/support/security/bulletins/apsb13-15.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16742 https://access.redhat.com/security/cve/CVE-2013-2718 https://bugzilla.redhat.com/show_bug.cgi?id=962931 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 28%CPEs: 93EXPL: 0CVE-2013-2719 – acroread: multiple code execution flaws (APSB13-15)
https://notcve.org/view.php?id=CVE-2013-2719
Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341. Adobe Reader y Acrobat v9.x anterior a v9.5.5, v10.x anterior a v10.1.7, y v11.x anterior a v11.0.03 permite a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) mediante vectores desconocidos, una vulnerabilidad diferente a CVE-2013-2718, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-2736, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, y CVE-2013-3341. • http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html http://rhn.redhat.com/errata/RHSA-2013-0826.html http://security.gentoo.org/glsa/glsa-201308-03.xml http://www.adobe.com/support/security/bulletins/apsb13-15.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16754 https://access.redhat.com/security/cve/CVE-2013-2719 https://bugzilla.redhat.com/show_bug.cgi?id=962931 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •