Page 42 of 213 results (0.009 seconds)

CVSS: 4.3EPSS: 3%CPEs: 1EXPL: 0

The DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2, allows remote attackers to configure silent non-interactive printing, and trigger the printing of an arbitrary number of copies of a document. NOTE: this issue might be subsumed by CVE-2008-0655. La función DOC.print de la API Adobe JavaScript, utilizada por Adobe Acrobat y Reader en versiones anteriores a 8.1.2, permite a atacantes remotos configurar una impresión silenciosa no interactiva, y disparar la impresión de un número arbitrario de copias de un documento. NOTA: esta cuestión podría ser subsumida en CVE-2008-0655. • http://kb.adobe.com/selfservice/viewContent.do?externalId=kb403079&sliceId=1 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00007.html http://secunia.com/advisories/28802 http://secunia.com/advisories/28851 http://secunia.com/advisories/28983 http://secunia.com/advisories/29065 http://secunia.com/advisories/29205 http://secunia.com/advisories/30840 http://security.gentoo.org/glsa/glsa-200803-01.xml http://securityreason.com/securityalert/3625 http://sunsolve.sun.com/ • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 97%CPEs: 2EXPL: 2

Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655. Múltiples desbordamientos de búfer en Adobe Reader and Acrobat 8.1.1 y anteriores permiten a atacantes remotos ejecutar código de su elección a través de ficheros PDF con argumentos largos de métodos no especificados de JavaScript. NOTA: esta cuestión podría ser subsumida por CVE-2008-0655. Adobe Acrobat and Reader contain a buffer overflow vulnerability that allows remote attackers to execute code via a PDF file with long arguments to unspecified JavaScript methods. • https://www.exploit-db.com/exploits/31114 https://www.exploit-db.com/exploits/16674 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=657 http://secunia.com/advisories/29065 http://secunia.com/advisories/29205 http://secunia.com/advisories/30840 http://security.gentoo.org/glsa/glsa-200803-01.xml http://sunsolve.sun.com/search/document.do?assetkey=1-26-239286-1 http://www.adobe.com/support/security/advisories/apsa08-01.html http://www.adobe.com/support/se • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •

CVSS: 6.2EPSS: 0%CPEs: 2EXPL: 0

Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 and earlier allows local users to execute arbitrary code via a malicious Security Provider library in the reader's current working directory. NOTE: this issue might be subsumed by CVE-2008-0655. Vulnerabilidad de ruta de búsqueda no confiable en Adobe Reader y Acrobat 8.1.1 y anteriores permite a usuarios locales ejecutar código de su elección a través de una librería maliciosa del proveedor de Seguridad en el directorio de trabajo actual de los lectores. NOTA: este asunto podría estar subsumido por CVE-2008-0655. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=655 http://secunia.com/advisories/29065 http://secunia.com/advisories/29205 http://secunia.com/advisories/30840 http://security.gentoo.org/glsa/glsa-200803-01.xml http://sunsolve.sun.com/search/document.do?assetkey=1-26-239286-1 http://www.adobe.com/support/security/advisories/apsa08-01.html http://www.adobe.com/support/security/bulletins/apsb08-13.html http://www.redhat.com/support/errata/RHSA-2008-0144.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 32%CPEs: 2EXPL: 0

Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file that calls an insecure JavaScript method in the EScript.api plug-in. NOTE: this issue might be subsumed by CVE-2008-0655. Adobe Reader y Acrobat 8.1.1 y anteriores permite a atacantes remotos ejecutar código de su elección a través de un archivo PDF manipulado que llama a un método JavaScript inseguro en el complemento EScript.api. NOTA: este problema podría estar incluido en CVE-2008-0655. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=656 http://secunia.com/advisories/29065 http://secunia.com/advisories/29205 http://secunia.com/advisories/30840 http://security.gentoo.org/glsa/glsa-200803-01.xml http://sunsolve.sun.com/search/document.do?assetkey=1-26-239286-1 http://www.adobe.com/support/security/advisories/apsa08-01.html http://www.adobe.com/support/security/bulletins/apsb08-13.html http://www.kb.cert.org/vuls/id/140129 http://www • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 17%CPEs: 2EXPL: 0

Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption. Desbordamiento de tipo integer en Adobe Reader y Acrobat 8.1.1 y anteriores. Permite a atacantes remotos ejecutar código de su elección a través de argumentos manipulados a los printSepsWithParams, lo que dispara corrupción de memoria. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious web address or open a malicious file. The specific flaw exists in the parsing of embedded JavaScript code within PDF documents. • http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00007.html http://secunia.com/advisories/28983 http://secunia.com/advisories/29065 http://secunia.com/advisories/29205 http://secunia.com/advisories/30840 http://security.gentoo.org/glsa/glsa-200803-01.xml http://sunsolve.sun.com/search/document.do?assetkey=1-26-239286-1 http://www.adobe.com/support/security/advisories/apsa08-01.html http://www.adobe.com/support/security/bulletins/apsb08-13.html http://www.redhat& • CWE-189: Numeric Errors •