CVSS: 9.3EPSS: 1%CPEs: 49EXPL: 0CVE-2010-2889 – acroread: multiple code execution flaws (APSB10-21)
https://notcve.org/view.php?id=CVE-2010-2889
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted font, a different vulnerability than CVE-2010-3626. Vulnerabilidad no especificada en Adobe Reader y Acrobat v8.x anterior a v8.2.5 y v9.x anterior a v9.4 en Windows y Mac OS X, permite a atacantes remotos ejecutar código de su elección a través de una tipografía manipulada. Una vulnerabilidad diferente de CVE-2010-3626 • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://secunia.com/advisories/43025 http://security.gentoo.org/glsa/glsa-201101-08.xml http://www.adobe.com/support/security/bulletins/apsb10-21.html http://www.redhat.com/support/errata/RHSA-2010-0743.html http://www.us-cert.gov/cas/techalerts/TA10-279A.html http://www.vupen.com/english/advisories/2011/0191 https://oval.cisecurit • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 2%CPEs: 49EXPL: 0CVE-2010-2890 – acroread: multiple code execution flaws (APSB10-21)
https://notcve.org/view.php?id=CVE-2010-2890
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658. Adobe Reader y Acrobat v8.x anterior a v8.2.5 y v9.x anterior a v9.4 en Windows y Mac OS X, permite a atacantes ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. Una vulnerabilidad diferente de CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, y CVE-2010-3658. • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://secunia.com/advisories/43025 http://security.gentoo.org/glsa/glsa-201101-08.xml http://www.adobe.com/support/security/bulletins/apsb10-21.html http://www.redhat.com/support/errata/RHSA-2010-0743.html http://www.us-cert.gov/cas/techalerts/TA10-279A.html http://www.vupen.com/english/advisories/2011/0191 https://oval.cisecurit • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 2%CPEs: 49EXPL: 0CVE-2010-3619 – acroread: multiple code execution flaws (APSB10-21)
https://notcve.org/view.php?id=CVE-2010-3619
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, and CVE-2010-3658. Adobe Reader y Acrobat v8.x anterior a v8.2.5 y v9.x anterior a v9.4 en Windows y Mac OS X, permite a atacantes ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. Una vulnerabilidad diferente de CVE-2010-2890, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, CVE-2010-3632, y CVE-2010-3658. • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://secunia.com/advisories/43025 http://security.gentoo.org/glsa/glsa-201101-08.xml http://www.adobe.com/support/security/bulletins/apsb10-21.html http://www.redhat.com/support/errata/RHSA-2010-0743.html http://www.us-cert.gov/cas/techalerts/TA10-279A.html http://www.vupen.com/english/advisories/2011/0191 https://oval.cisecurit • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 0%CPEs: 49EXPL: 0CVE-2010-3620 – acroread: multiple code execution flaws (APSB10-21)
https://notcve.org/view.php?id=CVE-2010-3620
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3629. Vulnerabilidad no especificada en Adobe Reader y Acrobat v8.x anterior a v8.2.5 y v9.x anterior a v9.4 en Windows y Mac OS X, permite a atacantes ejecutar código de su elección a través de una imagen manipulada. Una vulnerabilidad diferente de CVE-2010-3629 • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://secunia.com/advisories/43025 http://security.gentoo.org/glsa/glsa-201101-08.xml http://www.adobe.com/support/security/bulletins/apsb10-21.html http://www.redhat.com/support/errata/RHSA-2010-0743.html http://www.us-cert.gov/cas/techalerts/TA10-279A.html http://www.vupen.com/english/advisories/2011/0191 https://oval.cisecurit • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 2%CPEs: 49EXPL: 0CVE-2010-3625 – acroread: multiple code execution flaws (APSB10-21)
https://notcve.org/view.php?id=CVE-2010-3625
Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability." Vulnerabilidad no especificada en Adobe Reader y Acrobat v9.x anterior a v9.4 y v8.x anterior a v8.2.5 en Windows y Mac OS X, permite a atacantes ejecutar código de su elección a través de vecotes no especificados, relacionado con una vulnerabilidad de manejador de protocolo de prefijo (prefix protocol handler vulnerability) • http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-10/msg00006.html http://secunia.com/advisories/43025 http://security.gentoo.org/glsa/glsa-201101-08.xml http://www.adobe.com/support/security/bulletins/apsb10-21.html http://www.redhat.com/support/errata/RHSA-2010-0743.html http://www.us-cert.gov/cas/techalerts/TA10-279A.html http://www.vupen.com/english/advisories/2011/0191 https://oval.cisecurit • CWE-94: Improper Control of Generation of Code ('Code Injection') •