CVSS: 9.3EPSS: 2%CPEs: 50EXPL: 1CVE-2009-2994 – Adobe Acrobat Reader 7 < 9 - U3D Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-2994
Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer en Adobe Reader y Acrobat v7.x anteriores a v7.1.4, v8.x anteriores a v8.1.7 y v9.x anteriores a v9.2 permite a atacantes ejecutar código de su elección a través de vectores de ataque sin especificar. • https://www.exploit-db.com/exploits/9865 http://securitytracker.com/id?1023007 http://www.adobe.com/support/security/bulletins/apsb09-15.html http://www.securityfocus.com/bid/36638 http://www.us-cert.gov/cas/techalerts/TA09-286B.html http://www.vupen.com/english/advisories/2009/2898 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6156 https://access.redhat.com/security/cve/CVE-2009-2994 https://bugzilla.redhat.com/show_bug.cgi?id=528659 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 79%CPEs: 50EXPL: 0CVE-2009-3458 – acroread: Multiple arbitrary code execution fixes in 8.1.7 (APSB09-15)
https://notcve.org/view.php?id=CVE-2009-3458
Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2998. Adobe Reader y Acrobat v7.x anteriores a v7.1.4, v8.x anteriores a v8.1.7 y v9.x anteriores a v9.2 no validan los datos de entrada apropiadamente, lo que puede permitir a los atacantes ejecutar código de su elección a través de vectores de ataque sin especificar. Es una vulnerabilidad distinta a la CVE-2009-2998. • http://securitytracker.com/id?1023007 http://www.adobe.com/support/security/bulletins/apsb09-15.html http://www.securityfocus.com/bid/36638 http://www.us-cert.gov/cas/techalerts/TA09-286B.html http://www.vupen.com/english/advisories/2009/2898 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6499 https://access.redhat.com/security/cve/CVE-2009-3458 https://bugzilla.redhat.com/show_bug.cgi?id=528659 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 1%CPEs: 50EXPL: 0CVE-2009-2997 – acroread: Multiple arbitrary code execution fixes in 8.1.7 (APSB09-15)
https://notcve.org/view.php?id=CVE-2009-2997
Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer basado en memoria dinámica (heap) en Adobe Reader y Acrobat v7.x anteriores a v7.1.4, v8.x anteriores a v8.1.7, y v9.x anteriores a v9.2 permite a atacantes ejecutar código de su elección mediante vectores no especificados. • http://securitytracker.com/id?1023007 http://www.adobe.com/support/security/bulletins/apsb09-15.html http://www.securityfocus.com/bid/36638 http://www.us-cert.gov/cas/techalerts/TA09-286B.html http://www.vupen.com/english/advisories/2009/2898 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6481 https://access.redhat.com/security/cve/CVE-2009-2997 https://bugzilla.redhat.com/show_bug.cgi?id=528659 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 79%CPEs: 50EXPL: 0CVE-2009-2998 – acroread: Multiple arbitrary code execution fixes in 8.1.7 (APSB09-15)
https://notcve.org/view.php?id=CVE-2009-2998
Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-3458. Adobe Reader y Acrobat v7.x anteriores a v7.1.4, v8.x anteriores a v8.1.7, y v9.x anteriores a v9.2 no valida adecuadamente la entrada, permitiendo a atacantes ejecutar código de su elección mediante vectores no especificados, siendo una vulnerabilidad diferente que CVE-2009-3458. • http://securitytracker.com/id?1023007 http://www.adobe.com/support/security/bulletins/apsb09-15.html http://www.securityfocus.com/bid/36638 http://www.us-cert.gov/cas/techalerts/TA09-286B.html http://www.vupen.com/english/advisories/2009/2898 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6418 https://access.redhat.com/security/cve/CVE-2009-2998 https://bugzilla.redhat.com/show_bug.cgi?id=528659 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 95%CPEs: 50EXPL: 1CVE-2009-2983 – Adobe Reader 9.1.3 / Acrobat - COM Objects Memory Corruption Remote Code Execution
https://notcve.org/view.php?id=CVE-2009-2983
Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. Adobe Reader y Acrobat v9.x anteriores a v9.2, v8.x anteriores a v8.1.7 y posiblemente en v7.x anteriores a v7.1.4 permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) o probablemente ejecutar código de su elección mediante vectores no especificados. Various reproduction code that demonstrates memory corruption when loading/unloading Adobe objects through an EMBED tag in Firefox. • https://www.exploit-db.com/exploits/33283 http://securitytracker.com/id?1023007 http://www.adobe.com/support/security/bulletins/apsb09-15.html http://www.securityfocus.com/bid/36638 http://www.us-cert.gov/cas/techalerts/TA09-286B.html http://www.vupen.com/english/advisories/2009/2898 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5636 https://access.redhat.com/security/cve/CVE-2009-2983 https://bugzilla.redhat.com/show_bug.cgi?id=528659 • CWE-399: Resource Management Errors •