Page 61 of 323 results (0.010 seconds)

CVSS: 9.3EPSS: 97%CPEs: 6EXPL: 4

CVE-2009-0658 – Adobe Acrobat Reader - JBIG2 Local Buffer Overflow (PoC)

https://notcve.org/view.php?id=CVE-2009-0658

Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E. Un desbordamiento del búfer en Adobe Reader versión 9.0 y anteriores, y Acrobat versión 9.0 y anteriores, permite a los atacantes remotos ejecutar código arbitrario por medio de un documento PDF creado, relacionado con una llamada a una función que no sea JavaScript y posiblemente una secuencia de imágenes del componente JBIG2 incrustada, tal como se explotó “in the wild” en febrero de 2009 por Trojan.Pidief.E. • https://www.exploit-db.com/exploits/8099 https://www.exploit-db.com/exploits/16593 https://www.exploit-db.com/exploits/16672 http://isc.sans.org/diary.html?n&storyid=5902 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://osvdb.org/52073 http://secunia.com/advisories/33901 http://secunia.com/advisories/34392 http://secunia.com/advisories/34490 http://secunia.com/ad • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 2%CPEs: 2EXPL: 0

CVE-2008-5364

https://notcve.org/view.php?id=CVE-2008-5364

Stack-based buffer overflow in the getPlus ActiveX control in gp.ocx 1.2.2.50 in NOS Microsystems getPlus Download Manager, as used for the Adobe Reader 8.1 installation process and other downloads, allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2008-4817. Desbordamiento de búfer basado en pila en el control ActiveX getPlus en gp.ocx v1.2.2.50 en NOS Microsystems getPlus Download Manager, como el usado por el proceso de instalación de Adobe Reader v8.1 y otras descargas, permite a atacantes remotos ejecutar código de su elección mediante vectores no especificados, siendo una vulnerabilidad diferente a CVE-2008-4817. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=754 http://www.adobe.com/support/security/bulletins/apsb08-19.html http://www.securityfocus.com/bid/32105 http://www.vupen.com/english/advisories/2008/3002 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0

CVE-2008-4816

https://notcve.org/view.php?id=CVE-2008-4816

Unspecified vulnerability in the Download Manager in Adobe Reader 8.1.2 and earlier on Windows allows remote attackers to change Internet Security options on a client machine via unknown vectors. Vulnerabilidad no especificada en el Gestor de Descargas de Adobe Reader v8.1.2 y anteriores en Windows; permite a atacantes remotos modificar las opciones de Seguridad de Internet en una máquina cliente a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html http://secunia.com/advisories/32872 http://www.adobe.com/support/security/bulletins/apsb08-19.html http://www.securitytracker.com/id?1021140 http://www.us-cert.gov/cas/techalerts/TA08-309A.html http://www.vupen.com/english/advisories/2008/3001 •

CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0

CVE-2008-4815 – Reader: insecure RPATH flaw

https://notcve.org/view.php?id=CVE-2008-4815

Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.2 and earlier on Unix and Linux allows attackers to gain privileges via a Trojan Horse program in an unspecified directory that is associated with an insecure RPATH. Vulnerabilidad de ruta de búsqueda no confiable en Adobe Reader y Acrobat 8.1.2 y anteriores en Unix y Linux; permite a los atacantes ganar privilegios mediante un programa troyano en un directorio no especificado que está asociado a una RPATH no segura. • http://download.oracle.com/sunalerts/1019937.1.html http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html http://secunia.com/advisories/32700 http://secunia.com/advisories/32872 http://www.adobe.com/support/security/bulletins/apsb08-19.html http://www.redhat.com/support/errata/RHSA-2008-0974.html http://www.securityfocus.com/bid/32100 http://www.securitytracker.com/id?1021140 http://www.us-cert.gov/cas/techalerts/TA08-309A.html http://www.vupen.com/eng • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 38%CPEs: 8EXPL: 0

CVE-2008-4814 – Reader: arbitrary code execution via unspecified JavaScript method

https://notcve.org/view.php?id=CVE-2008-4814

Unspecified vulnerability in a JavaScript method in Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allows remote attackers to execute arbitrary code via unknown vectors, related to an "input validation issue." Vulnerabilidad no especificada en un método JavaScript en Adobe Reader y Acrobat 8.1.2 y anteriores permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos. Esté relacionado con un "tema de validación de entrada". • http://download.oracle.com/sunalerts/1019937.1.html http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html http://secunia.com/advisories/32700 http://secunia.com/advisories/32872 http://www.adobe.com/support/security/bulletins/apsb08-19.html http://www.adobe.com/support/security/bulletins/apsb09-04.html http://www.redhat.com/support/errata/RHSA-2008-0974.html http://www.securityfocus.com/bid/32100 http://www.securitytracker.com/id?1021140 http://www.skyrecon • CWE-20: Improper Input Validation •