CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2007-5666 – acroread JavaScript Insecure Libary Search Path
https://notcve.org/view.php?id=CVE-2007-5666
12 Feb 2008 — Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 and earlier allows local users to execute arbitrary code via a malicious Security Provider library in the reader's current working directory. NOTE: this issue might be subsumed by CVE-2008-0655. Vulnerabilidad de ruta de búsqueda no confiable en Adobe Reader y Acrobat 8.1.1 y anteriores permite a usuarios locales ejecutar código de su elección a través de una librería maliciosa del proveedor de Seguridad en el directorio de trabajo actual... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=655 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.1EPSS: 40%CPEs: 1EXPL: 0CVE-2008-0667 – acroread: silent print vulnerability
https://notcve.org/view.php?id=CVE-2008-0667
11 Feb 2008 — The DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2, allows remote attackers to configure silent non-interactive printing, and trigger the printing of an arbitrary number of copies of a document. NOTE: this issue might be subsumed by CVE-2008-0655. La función DOC.print de la API Adobe JavaScript, utilizada por Adobe Acrobat y Reader en versiones anteriores a 8.1.2, permite a atacantes remotos configurar una impresión silenciosa no interactiva, y disparar la i... • http://kb.adobe.com/selfservice/viewContent.do?externalId=kb403079&sliceId=1 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 11%CPEs: 2EXPL: 0CVE-2008-0726 – Adobe Acrobat Javascript for PDF Integer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-0726
11 Feb 2008 — Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption. Desbordamiento de tipo integer en Adobe Reader y Acrobat 8.1.1 y anteriores. Permite a atacantes remotos ejecutar código de su elección a través de argumentos manipulados a los printSepsWithParams, lo que dispara corrupción de memoria. This vulnerability allows remote attackers to execute arbitrary code on vulnera... • http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00007.html • CWE-189: Numeric Errors •
CVSS: 9.8EPSS: 86%CPEs: 2EXPL: 1CVE-2008-0655 – Adobe Acrobat and Reader Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2008-0655
07 Feb 2008 — Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors. Múltiples vulnerabilidades no especificadas en Adobe Reader y Acrobat anterior a la versión 8.1.2 tienen vectores de impacto y ataque desconocidos. Adobe Acrobat and Reader contains an unespecified vulnerability described as a design flaw which could allow a specially crafted file to be printed silently an arbitrary number of times. • http://blogs.adobe.com/acroread/2008/02/adobe_reader_812_for_linux_and.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 40%CPEs: 2EXPL: 0CVE-2007-5020
https://notcve.org/view.php?id=CVE-2007-5020
21 Sep 2007 — Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted PDF file, related to the mailto: option and Internet Explorer 7 on Windows XP. NOTE: this information is based upon a vague pre-advisory by a reliable researcher. Una vulnerabilidad no especificada en Adobe Acrobat y Reader versión 8.1 en Windows, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo PDF diseñado, relacionado con la opción mailto: e In... • http://www.adobe.com/support/security/advisories/apsa07-04.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 6.5EPSS: 23%CPEs: 4EXPL: 3CVE-2007-1377 – Adobe Reader Plugin 'AcroPDF.dll' 8.0.0.0 - Resource Consumption
https://notcve.org/view.php?id=CVE-2007-1377
10 Mar 2007 — AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236. AcroPDF.DLL de Adobe Reader 8.0, cuando se accede desde Mozilla Firefox, Netscape, ó Opera, permite a atacantes remotos provocar una denegación de servicio (agotamiento sin e... • https://www.exploit-db.com/exploits/3430 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 6.5EPSS: 24%CPEs: 26EXPL: 3CVE-2007-1199 – Adobe Acrobat/Adobe Reader 7.0.9 - Information Disclosure
https://notcve.org/view.php?id=CVE-2007-1199
02 Mar 2007 — Adobe Reader and Acrobat Trial allow remote attackers to read arbitrary files via a file:// URI in a PDF document, as demonstrated with <</URI(file:///C:/)/S/URI>>, a different issue than CVE-2007-0045. Adobe Reader y Acrobat Trial permite a atacantes remotos leer archivos de su elección a través de una file:// URI en un documento PDF, como se demostró con <</URI(file:///C:/)/S/URI>>, un asunto diferente que CVE-2007-0045. • https://www.exploit-db.com/exploits/29686 •
CVSS: 10.0EPSS: 14%CPEs: 3EXPL: 1CVE-2004-1153
https://notcve.org/view.php?id=CVE-2004-1153
22 Dec 2004 — Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an .ETD document containing format string specifiers in (1) title or (2) baseurl fields. • http://www.adobe.com/support/downloads/detail.jsp?ftpID=2679 •