CVSS: 9.3EPSS: 91%CPEs: 6EXPL: 3CVE-2009-1492 – Adobe Reader 8.1.4/9.1 - 'GetAnnots()' Remote Code Execution
https://notcve.org/view.php?id=CVE-2009-1492
30 Apr 2009 — The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code that calls this method with crafted integer arguments. El método getAnnots Doc en la API de JavaScript en Adobe Reader y Acrobat v9.1, v8.1.4, v7.1.1 y anteriores permite a atacantes remotos provocar una denegación... • https://www.exploit-db.com/exploits/8569 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 72%CPEs: 3EXPL: 0CVE-2009-0193 – acroread: multiple JBIG2-related security flaws
https://notcve.org/view.php?id=CVE-2009-0193
25 Mar 2009 — Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a PDF file with a malformed JBIG2 symbol dictionary segment, a different vulnerability than CVE-2009-1061 and CVE-2009-1062. Hay una vulnerabilidad en el desbordamiento del búfer en la región heap de la memoria en el programa de Adobe Acrobat Reader versión 9 anterior a 9.1, versión 8 anterior a 8.1.4, y versión 7 anterior a 7.1.1, permite a los atacantes ... • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 34%CPEs: 99EXPL: 0CVE-2009-0928 – acroread: multiple JBIG2-related security flaws
https://notcve.org/view.php?id=CVE-2009-0928
25 Mar 2009 — Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table. Desbordamiento de búfer basado en montículo en Adobe Acrobat Reader y Acrobat Professional v7.1.0, v8.1.3, v9.0.0 y otras versiones, permite a atacantes remotos ejecutar código de su elección a través de un archivo PDF que contiene una cadena JBI... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=776 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 17%CPEs: 3EXPL: 0CVE-2009-1061 – acroread: multiple JBIG2-related security flaws
https://notcve.org/view.php?id=CVE-2009-1061
25 Mar 2009 — Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to execute arbitrary code via unknown attack vectors related to JBIG2 and "input validation," a different vulnerability than CVE-2009-0193 and CVE-2009-1062. Vulnerabilidad inespecífica en Adobe Acrobat Reader v9 anteriores a v9.1, v8 anteriores a v8.1.4, y v7 anteriores a v7.1.1 permitiría a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos relacionado... • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 11%CPEs: 70EXPL: 0CVE-2009-1062 – acroread: multiple JBIG2-related security flaws
https://notcve.org/view.php?id=CVE-2009-1062
25 Mar 2009 — Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to trigger memory corruption and possibly execute arbitrary code via unknown attack vectors related to JBIG2, a different vulnerability than CVE-2009-0193 and CVE-2009-1061. Adobe Acrobat Reader versión 9 anterior a 9.1, versión 8 anterior a 8.1.4 y versión 7 anterior a 7.1.1 podría permitir a los atacantes remotos desencadenar una corrupción de memoria y posiblemente ejecutar código arbitrario por medio de ve... • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 97%CPEs: 3EXPL: 5CVE-2009-0927 – Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2009-0927
19 Mar 2009 — Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658. Vulnerabilidad no especificada en Adobe Reader y Adobe Acrobat v9.1 y v7.1.1 permite a atacantes remotos ejecutar código de su elección mediante vectores desconocidos, en relación con un método JavaScript y validación de entrada, una vulne... • https://www.exploit-db.com/exploits/9579 • CWE-20: Improper Input Validation CWE-121: Stack-based Buffer Overflow •
CVSS: 9.3EPSS: 97%CPEs: 6EXPL: 4CVE-2009-0658 – Adobe Acrobat Reader - JBIG2 Local Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2009-0658
20 Feb 2009 — Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E. Un desbordamiento del búfer en Adobe Reader versión 9.0 y anteriores, y Acrobat versión 9.0 y anteriores, permite a los atacantes remotos ejecutar código arbitrario por medio de un documento PDF creado, rela... • https://www.exploit-db.com/exploits/8099 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 93%CPEs: 64EXPL: 5CVE-2008-2992 – Adobe Reader and Acrobat Input Validation Vulnerability
https://notcve.org/view.php?id=CVE-2008-2992
04 Nov 2008 — Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104. Un desbordamiento de búfer en la región stack de la memoria en Adobe Acrobat y Reader versión 8.1.2 y anteriores, permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo PDF que llama a la función JavaScript util.printf con un... • https://www.exploit-db.com/exploits/16504 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 36%CPEs: 60EXPL: 0CVE-2008-2641 – acroread: input validation issue in a JavaScript method
https://notcve.org/view.php?id=CVE-2008-2641
25 Jun 2008 — Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an "input validation issue in a JavaScript method." Vulnerabilidad no especificada en Adobe Reader y Acrobat 7.0.9 y anteriores, y 8.0 hasta 8.1.2, permite a atacantes remotos provocar una denegación de servicio (caída de aplicación) o posiblemente ejecutar código arbitrario ... • http://isc.sans.org/diary.html?storyid=4616 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 32%CPEs: 32EXPL: 1CVE-2008-2549 – Adobe Acrobat Reader 8.1.2 - '.PDF' Remote Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2008-2549
04 Jun 2008 — Adobe Acrobat Reader 8.1.2 and earlier, and before 7.1.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed PDF document, as demonstrated by 2008-HI2.pdf. Adobe Acrobat Reader 8.1.2 y versiones anteriores, permiten a atacantes remotos provocar una denegación de servicio (caída de aplicación) y posiblemente la ejecución arbitraria de código a través de un documento PDF mal formado, como se ha demostrado por 2008-HI2.pdf. • https://www.exploit-db.com/exploits/5687 •