Page 47 of 276 results (0.012 seconds)

CVSS: 9.3EPSS: 28%CPEs: 74EXPL: 0

Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2433 and CVE-2011-2434. Múltiples desbordamientos de búfer basados en memoria dinámica en Adobe Reader y Acrobat v8.x antes de v8.3.1, v9.x antes de v9.4.6, y v10.x antes de v10.1.1, permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos, una vulnerabilidad diferente de CVE-2011-2433 y CVE-2011-2434. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the Adobe Image parsing library. When Adobe Reader tries to parse an .PCX image it creates a 32 bits loop counter based on the height and width of the image. • http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00025.html http://www.adobe.com/support/security/bulletins/apsb11-24.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13984 https://access.redhat.com/security/cve/CVE-2011-2437 https://bugzilla.redhat.com/show_bug.cgi?id=749381 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 1%CPEs: 74EXPL: 0

Use-after-free vulnerability in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors. Vulnerabilidad "use-after-free" en Adobe Reader y Acrobat v8.x antes de v8.3.1, v9.x antes de v9.4.6 y v10.x antes de v10.1.1, permite a atacantes remotos ejecutar código de su elección a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00012.html http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2011-11/msg00025.html http://www.adobe.com/support/security/bulletins/apsb11-24.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14149 https://access.redhat.com/security/cve/CVE-2011-2440 https://bugzilla.redhat.com/show_bug.cgi?id=749381 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 0%CPEs: 75EXPL: 0

Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X do not properly restrict script, which allows attackers to execute arbitrary code via a crafted document, related to a "cross document script execution vulnerability." Adobe Reader y Acrobat v8.x antes de v8.3, v9.x antes de v9.4.5, y v10.x antes de v10.1 en Windows y Mac OS X no funciona bien la restricción de la ejecución de secuencias de comandos, lo que permite a los atacantes ejecutar código arbitrario mediante un documento manipulado, relacionado con "Vulnerabilidad de ejecución de secuencias de comandos en documentos cruzados" • http://osvdb.org/73063 http://www.adobe.com/support/security/bulletins/apsb11-16.html http://www.securityfocus.com/bid/48255 http://www.securitytracker.com/id?1025658 http://www.us-cert.gov/cas/techalerts/TA11-166A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/68015 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13919 https://access.redhat.com/security/cve/CVE-2011-2101 https://bugzilla.redhat.com/show_bug.cgi?id=720622 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 2%CPEs: 75EXPL: 0

Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2095. Desbordamiento de búfer en Adobe Reader y Acrobat v8.x anterior a v8.3, v9.x anterior a v9.4.5, y v10.x anterior a v10.1 en Windows y Mac OS X permite a atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2011-2094 y CVE-2011-2095. • http://www.adobe.com/support/security/bulletins/apsb11-16.html http://www.securityfocus.com/bid/48244 http://www.securitytracker.com/id?1025658 http://www.us-cert.gov/cas/techalerts/TA11-166A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/68011 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14059 https://access.redhat.com/security/cve/CVE-2011-2097 https://bugzilla.redhat.com/show_bug.cgi?id=720622 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 1%CPEs: 75EXPL: 0

Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors. Adobe Reader y Acrobat v8.x anterior a v8.3, v9.x anterior a v9.4.5, y 10.x anterior a v10.1 en Windows y Mac OS X permite a atacantes provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://osvdb.org/73066 http://www.adobe.com/support/security/bulletins/apsb11-16.html http://www.securityfocus.com/bid/48251 http://www.securitytracker.com/id?1025658 http://www.us-cert.gov/cas/techalerts/TA11-166A.html https://exchange.xforce.ibmcloud.com/vulnerabilities/68018 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A13863 https://access.redhat.com/security/cve/CVE-2011-2104 https://bugzilla.redhat.com/show_bug.cgi?id=720633 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •