CVSS: 9.3EPSS: 50%CPEs: 83EXPL: 0CVE-2009-1856 – acroread: multiple security fixes in version 8.1.6 (APSB09-07)
https://notcve.org/view.php?id=CVE-2009-1856
Integer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows attackers to cause a denial of service or possibly execute arbitrary code via a PDF file containing unspecified parameters to the FlateDecode filter, which triggers a heap-based buffer overflow. Un desbordamiento entero en Reader versión 7 y Acrobat versiones 7 anteriores a 7.1.3 de Adobe, Reader versión 8 y Acrobat versiones 8 anteriores a 8.1.6 de Adobe, y Reader versión 9 y Acrobat versiones 9 anteriores a 9.1.2 de Adobe, permite a los atacantes causar una denegación de servicio o posiblemente ejecutar código arbitrario por medio de un archivo PDF que contiene parámetros en el filtro FlateDecode, lo que desencadena un desbordamiento de búfer en la región heap de la memoria. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=807 http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/34580 http://secunia.com/advisories/35496 http://secunia.com/advisories/35655 http://secunia.com/advisories/35685 http://secunia.com/advisories/35734 http://security.gentoo.org/glsa/glsa-200907-06.xml http://securitytracker.com/id?1022361 ht • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 1%CPEs: 83EXPL: 0CVE-2009-1857 – acroread: multiple security fixes in version 8.1.6 (APSB09-07)
https://notcve.org/view.php?id=CVE-2009-1857
Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a PDF document with a crafted TrueType font. Reader versión 7 y Acrobat versiones 7 anteriores a 7.1.3 de Adobe, Reader versión 8 y Acrobat versiones 8 anteriores a 8.1.6 y Reader versión 9 y Acrobat versiones 9 anteriores a 9.1.2 de Adobe, permite a los atacantes causar una denegación de servicio (corrupción de memoria) o posiblemente ejecutar código arbitrario por medio de un documento PDF con una fuente TrueType diseñada. • http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/34580 http://secunia.com/advisories/35496 http://secunia.com/advisories/35655 http://secunia.com/advisories/35685 http://secunia.com/advisories/35734 http://security.gentoo.org/glsa/glsa-200907-06.xml http://securitytracker.com/id?1022361 http://www.adobe.com/support/security/bulletins/apsb09-07.html http:&# • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 45%CPEs: 83EXPL: 0CVE-2009-1858 – acroread: multiple security fixes in version 8.1.6 (APSB09-07)
https://notcve.org/view.php?id=CVE-2009-1858
The JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors that trigger memory corruption. El filtro JBIG2 en Adobe Reader v7 y Acrobat v7 anterior a v7.1.3, Adobe Reader v8 y Acrobat 8 anterior a v8.1.6, y Adobe Reader v9 y Acrobat 9 anterior a v9.1.2, permitiría a atacantes remotos ejecutar código arbitrario a través de vectores inespecíficos que inician la corrupción de la memoria. • http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/34580 http://secunia.com/advisories/35496 http://secunia.com/advisories/35655 http://secunia.com/advisories/35685 http://secunia.com/advisories/35734 http://security.gentoo.org/glsa/glsa-200907-06.xml http://securitytracker.com/id?1022361 http://www.adobe.com/support/security/bulletins/apsb09-07.html http:&# • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 32%CPEs: 83EXPL: 0CVE-2009-1859 – acroread: multiple security fixes in version 8.1.6 (APSB09-07)
https://notcve.org/view.php?id=CVE-2009-1859
Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption. Adobe Reader v7 y Acrobat v7 anteriores a v7.1.3, Adobe Reader v8 y Acrobat v8 anteriores a v8.1.6, y Adobe Reader v9 y Acrobat v9 anteriores a v9.1.2 podría permitir a atacantes ejecutar código arbitrario a través de vectores inespecíficos que inician la corrupción de la memoria. • http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/34580 http://secunia.com/advisories/35496 http://secunia.com/advisories/35655 http://secunia.com/advisories/35685 http://secunia.com/advisories/35734 http://security.gentoo.org/glsa/glsa-200907-06.xml http://securitytracker.com/id?1022361 http://www.adobe.com/support/security/bulletins/apsb09-07.html http:&# • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 19%CPEs: 83EXPL: 0CVE-2009-1861 – acroread: multiple security fixes in version 8.1.6 (APSB09-07)
https://notcve.org/view.php?id=CVE-2009-1861
Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file with a JPX (aka JPEG2000) stream that triggers heap memory corruption. Múltiples desbordamientos de búfer basados en memoria dinámica en Adobe Reader v7 y Acrobat v7 anteriores a v7.1.3, Adobe Reader v8 y Acrobat v8 anteriores a v8.1.6, y Adobe Reader v9 y Acrobat v9 anteriores a v9.1.2, podría permitir a atacantes remotos ejecutar código arbitrario o producir una denegación de servicio (caída de aplicación) a través de un fichero PDF con un stream JPX (también conocido como JPEG2000) que inicia la corrupción de la memoria dinámica. • http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/34580 http://secunia.com/advisories/35496 http://secunia.com/advisories/35655 http://secunia.com/advisories/35685 http://secunia.com/advisories/35734 http://security.gentoo.org/glsa/glsa-200907-06.xml http://securitytracker.com/id?1022361 http://www.adobe.com/support/security/bulletins/apsb09-07.html http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •