Page 62 of 387 results (0.004 seconds)

CVSS: 4.3EPSS: 1%CPEs: 56EXPL: 0

Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)." Vulnerabilidad de XSS en Adobe Reader y Acrobat 10.x anterior a 10.1.12 y 11.x anterior a 11.0.09 en OS X permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de vectores no especificados, también conocido como 'Universal XSS (UXSS)'. • http://helpx.adobe.com/security/products/reader/apsb14-20.html http://www.securityfocus.com/bid/69822 http://www.securitytracker.com/id/1030853 https://exchange.xforce.ibmcloud.com/vulnerabilities/95997 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 10.0EPSS: 1%CPEs: 12EXPL: 0

Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0565. Adobe Reader y Acrobat 10.x anterior a 10.1.12 y 11.x anterior a 11.0.09 en Windows y OS X apermiten a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2014-0565. • http://helpx.adobe.com/security/products/reader/apsb14-20.html http://www.securityfocus.com/bid/69825 http://www.securitytracker.com/id/1030853 http://www.securitytracker.com/id/1032892 https://exchange.xforce.ibmcloud.com/vulnerabilities/96003 https://helpx.adobe.com/security/products/reader/apsb15-15.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 56EXPL: 0

Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors. Adobe Reader y Acrobat 10.x anterior a 10.1.12 y 11.x anterior a 11.0.09 en Windows y OS X permiten a atacantes causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://helpx.adobe.com/security/products/reader/apsb14-20.html http://www.securityfocus.com/bid/69826 http://www.securitytracker.com/id/1030853 https://exchange.xforce.ibmcloud.com/vulnerabilities/95998 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 43%CPEs: 56EXPL: 0

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0567. Desbordamiento de buffer basado en memoria dinámica en Adobe Reader y Acrobat 10.x anterior a 10.1.12 y 11.x anterior a 11.0.09 en Windows y OS X permite a atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2014-0567. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the 3DIF Plugin (3difr.x3d). By providing a crafted PDF, an attacker is able to overflow a heap buffer allocated by the 3DIF plugin, and could use this vulnerability to execute arbitrary code in the context of the viewing process. • http://helpx.adobe.com/security/products/reader/apsb14-20.html http://www.securityfocus.com/bid/69821 http://www.securitytracker.com/id/1030853 https://exchange.xforce.ibmcloud.com/vulnerabilities/95996 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 43%CPEs: 56EXPL: 0

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0561. Desbordamiento de buffer basado en memoria dinámica en Adobe Reader y Acrobat 10.x anterior a 10.1.12 y 11.x anterior a 11.0.09 en Windows y OS X permite a atacantes ejecutar código arbitrario a través de vectores no especificados, una vulnerabilidad diferente a CVE-2014-0561. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the replace() JavaScript function. By creating a specially crafted string followed by a replace call with specific arguments, an attacker can force a heap buffer to overflow. • http://helpx.adobe.com/security/products/reader/apsb14-20.html http://www.securityfocus.com/bid/69827 http://www.securitytracker.com/id/1030853 https://exchange.xforce.ibmcloud.com/vulnerabilities/95999 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •