Page 50 of 301 results (0.007 seconds)

CVSS: 9.3EPSS: 2%CPEs: 40EXPL: 0

CVE-2010-0204 – Acroread: Multiple code execution flaws (APSB10-09)

https://notcve.org/view.php?id=CVE-2010-0204

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0201. Adobe Reader y Acrobat v9.x anterior v9.3.2, y v8.x anterior v8.2.2 en Windows y Mac OS X, permite a atacantes causar una denegación de servicio (caída de programa) o ejecutar código a su elección a través de vectores no especificados, una vulnerabilidad fierente a CVE-2010-0194, CVE-2010-0197, y CVE-2010-0201. • http://www.adobe.com/support/security/bulletins/apsb10-09.html http://www.securityfocus.com/bid/39329 http://www.securityfocus.com/bid/39522 http://www.us-cert.gov/cas/techalerts/TA10-103C.html http://www.vupen.com/english/advisories/2010/0873 https://exchange.xforce.ibmcloud.com/vulnerabilities/57711 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7387 https://access.redhat.com/security/cve/CVE-2010-0204 https://bugzilla.redhat.com/show_bug. • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 5%CPEs: 40EXPL: 0

CVE-2010-0194 – Acroread: Multiple code execution flaws (APSB10-09)

https://notcve.org/view.php?id=CVE-2010-0194

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service (memory corruption) or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0197, CVE-2010-0201, and CVE-2010-0204. Adobe Reader y Acrobat v9.x anterior v9.3.2, y v8.x anterior v8.2.2 en Windows y Mac OS X, permite a atacantes causar una denegación de servicio (caída de aplicación) o ejecutar código de su elección a través de vectores no especificados, una vulnerabilidad diferente que CVE-2010-0197, CVE-2010-0201, y CVE-2010-0204. • http://www.adobe.com/support/security/bulletins/apsb10-09.html http://www.securityfocus.com/bid/39329 http://www.us-cert.gov/cas/techalerts/TA10-103C.html http://www.vupen.com/english/advisories/2010/0873 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6823 https://access.redhat.com/security/cve/CVE-2010-0194 https://bugzilla.redhat.com/show_bug.cgi?id=581417 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 8%CPEs: 40EXPL: 0

CVE-2010-0195 – Adobe Reader TrueType Font Handling Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2010-0195

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, do not properly handle fonts, which allows attackers to execute arbitrary code via unspecified vectors. Adobe Reader y Acrobat v9.x anterior v9.3.2, y v8.x anterior v8.2.2 en Windows y Mac OS X, no maneja adecuadamente fuentes, lo que permite a atacantes ejecutar código de su elección a través de vectores no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe's Acrobat Reader. User interaction is required in that the victim must be coerced into opening a malicious document or visiting a malicious URL. The specific flaw exists within the parsing of embedded fonts inside a PDF document. Upon parsing particular tables out of a font file the application will miscalculate an index used for seeking into a buffer. • http://www.adobe.com/support/security/bulletins/apsb10-09.html http://www.securityfocus.com/bid/39329 http://www.us-cert.gov/cas/techalerts/TA10-103C.html http://www.vupen.com/english/advisories/2010/0873 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7420 https://access.redhat.com/security/cve/CVE-2010-0195 https://bugzilla.redhat.com/show_bug.cgi?id=581417 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 2%CPEs: 16EXPL: 0

CVE-2009-4764

https://notcve.org/view.php?id=CVE-2009-4764

Adobe Reader 8.x and 9.x on Windows is able to execute EXE files that are embedded in a PDF document, which makes it easier for remote attackers to trick users into executing arbitrary code via a crafted document. Adobe Reader v8.x y v9.x para Windows puede ejecutar ficheros EXE que estén incrustado en un documento PDF, esto facilita a los atacantes remotos engañar a los usuarios para que ejecuten código de su elección mediante un fichero manipulado. • http://lists.immunitysec.com/pipermail/dailydave/2010-April/006072.html http://lists.immunitysec.com/pipermail/dailydave/2010-April/006074.html http://www.metasploit.com/redmine/projects/framework/repository/revisions/8379/changes/modules/exploits/windows/fileformat/adobe_pdf_embedded_exe.rb https://exchange.xforce.ibmcloud.com/vulnerabilities/57994 https://forum.immunityinc.com/board/thread/1199/exploiting-pdf-files-without-vulnerabili/?page=1#post-1199 https://oval.cisecurity.org/repository/search/definition/oval% • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 6%CPEs: 20EXPL: 1

CVE-2010-1241 – Acroread: Heap-based overflow by opening a specially-crafted PDF file (FG-VD-10-005)

https://notcve.org/view.php?id=CVE-2010-1241

Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, aka FG-VD-10-005. El desbordamiento de búfer en la región heap de la memoria en el sistema de administración de la pila personalizado en Reader y Acrobat versiones 9.x anteriores a 9.3.2, y versiones 8.x anteriores a 8.2.2 de Adobe en Windows y Mac OS X, permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) por medio de un documento PDF especialmente diseñado, también se conoce como FG-VD-10-005. • http://blog.fortinet.com/the-upcoming-blackhat-europe-2010-presentation http://lists.immunitysec.com/pipermail/dailydave/2010-April/006077.html http://www.adobe.com/support/security/bulletins/apsb10-09.html http://www.blackhat.com/html/bh-eu-10/bh-eu-10-briefings.html#Li http://www.securityfocus.com/bid/39227 http://www.securityfocus.com/bid/39329 http://www.us-cert.gov/cas/techalerts/TA10-103C.html http://www.vupen.com/english/advisories/2010/0873 http://www.youtube.com • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •