Page 38 of 222 results (0.011 seconds)

CVSS: 10.0EPSS: 1%CPEs: 83EXPL: 0

CVE-2009-2028 – acroread: multiple security fixes in version 8.1.6 (APSB09-07)

https://notcve.org/view.php?id=CVE-2009-2028

Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 have unknown impact and attack vectors, related to "Adobe internally discovered issues." Múltiples vulnerabilidades sin especificar en cualwuier Adobe Reader 7 d Acrobat 7 anterior a v7.1.3, Ie 8 anterior a v8.1.6, y Adobe Reader 9 y Acrobat 9 anterior a v9.1.2 tiene vectores de ataque y un impacto desconocido relacional con "cuestiones Adobe internally discovered". • http://secunia.com/advisories/35496 http://secunia.com/advisories/35734 http://security.gentoo.org/glsa/glsa-200907-06.xml http://www.adobe.com/support/security/bulletins/apsb09-07.html http://www.redhat.com/support/errata/RHSA-2009-1109.html https://exchange.xforce.ibmcloud.com/vulnerabilities/51126 https://access.redhat.com/security/cve/CVE-2009-2028 https://bugzilla.redhat.com/show_bug.cgi?id=505049 •

CVSS: 9.3EPSS: 55%CPEs: 83EXPL: 0

CVE-2009-1855 – Adobe Reader U3D RHAdobeMeta Stack Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2009-1855

Stack-based buffer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via a PDF file containing a malformed U3D model file with a crafted extension block. Un desbordamiento de búfer en la región stack de la memoria en Reader versión 7 y Acrobat versiones 7 anteriores a 7.1.3 de Adobe, Reader versión 8 y Acrobat versiones 8 anteriores a 8.1.6 y Reader versión 9 y Acrobat versiones 9 anteriores a 9.1.2 de Adobe, podría permitir a los atacantes ejecutar código arbitrario por medio de un archivo PDF que contiene un archivo de modelo U3D malformado con un bloque de extensión diseñado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious web address or open a malicious file. The specific flaw exists when parsing malformed U3D model files contained in a PDF. When a specially crafted extension block of a model is processed, insufficient bounds checking is done before a call to wcsncpy(). • http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00002.html http://secunia.com/advisories/34580 http://secunia.com/advisories/35496 http://secunia.com/advisories/35655 http://secunia.com/advisories/35685 http://secunia.com/advisories/35734 http://security.gentoo.org/glsa/glsa-200907-06.xml http://securitytracker.com/id?1022361 http://www.adobe.com/support/security/bulletins/apsb09-07.html http:&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 96%CPEs: 6EXPL: 3

CVE-2009-1492 – Adobe Reader 8.1.4/9.1 - 'GetAnnots()' Remote Code Execution

https://notcve.org/view.php?id=CVE-2009-1492

The getAnnots Doc method in the JavaScript API in Adobe Reader and Acrobat 9.1, 8.1.4, 7.1.1, and earlier allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a PDF file that contains an annotation, and has an OpenAction entry with JavaScript code that calls this method with crafted integer arguments. El método getAnnots Doc en la API de JavaScript en Adobe Reader y Acrobat v9.1, v8.1.4, v7.1.1 y anteriores permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria) o ejecutar código arbitrario a través de un archivo PDF que contiene una anotación, y tiene una entrada OpenAction con el código JavaScript que llama a este método con argumentos enteros elaborados. • https://www.exploit-db.com/exploits/8569 http://blogs.adobe.com/psirt/2009/04/potential_adobe_reader_issue.html http://blogs.adobe.com/psirt/2009/04/update_on_adobe_reader_issue.html http://blogs.adobe.com/psirt/2009/05/adobe_reader_issue_update.html http://lists.opensuse.org/opensuse-security-announce/2009-05/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html http://osvdb.org/54130 http://packetstorm.linuxsecurity.com/0904-exploits/getannots.txt& • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 24%CPEs: 3EXPL: 0

CVE-2009-0193 – acroread: multiple JBIG2-related security flaws

https://notcve.org/view.php?id=CVE-2009-0193

Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a PDF file with a malformed JBIG2 symbol dictionary segment, a different vulnerability than CVE-2009-1061 and CVE-2009-1062. Hay una vulnerabilidad en el desbordamiento del búfer en la región heap de la memoria en el programa de Adobe Acrobat Reader versión 9 anterior a 9.1, versión 8 anterior a 8.1.4, y versión 7 anterior a 7.1.1, permite a los atacantes remotos ejecutar códigos arbitrarios por medio de un archivo PDF con un segmento de diccionario de símbolos JBIG2 malformados, una vulnerabilidad diferente de los CVE- 2009-1061 y CVE-2009-1062. • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://secunia.com/advisories/34392 http://secunia.com/advisories/34490 http://secunia.com/advisories/34706 http://secunia.com/advisories/34790 http://secunia.com/secunia_research/2009-14 http://security.gentoo.org/glsa/glsa-200904-17.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1 http://www.adobe.com/support • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 56%CPEs: 99EXPL: 0

CVE-2009-0928 – acroread: multiple JBIG2-related security flaws

https://notcve.org/view.php?id=CVE-2009-0928

Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table. Desbordamiento de búfer basado en montículo en Adobe Acrobat Reader y Acrobat Professional v7.1.0, v8.1.3, v9.0.0 y otras versiones, permite a atacantes remotos ejecutar código de su elección a través de un archivo PDF que contiene una cadena JBIG2 con un tamaño inconsistente relacionado con una tabla sin especificar. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=776 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://secunia.com/advisories/34392 http://secunia.com/advisories/34490 http://secunia.com/advisories/34706 http://secunia.com/advisories/34790 http://security.gentoo.org/glsa/glsa-200904-17.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1 http: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •