Page 64 of 322 results (0.018 seconds)

CVSS: 9.3EPSS: 32%CPEs: 2EXPL: 0

Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file that calls an insecure JavaScript method in the EScript.api plug-in. NOTE: this issue might be subsumed by CVE-2008-0655. Adobe Reader y Acrobat 8.1.1 y anteriores permite a atacantes remotos ejecutar código de su elección a través de un archivo PDF manipulado que llama a un método JavaScript inseguro en el complemento EScript.api. NOTA: este problema podría estar incluido en CVE-2008-0655. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=656 http://secunia.com/advisories/29065 http://secunia.com/advisories/29205 http://secunia.com/advisories/30840 http://security.gentoo.org/glsa/glsa-200803-01.xml http://sunsolve.sun.com/search/document.do?assetkey=1-26-239286-1 http://www.adobe.com/support/security/advisories/apsa08-01.html http://www.adobe.com/support/security/bulletins/apsb08-13.html http://www.kb.cert.org/vuls/id/140129 http://www • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 17%CPEs: 2EXPL: 0

Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption. Desbordamiento de tipo integer en Adobe Reader y Acrobat 8.1.1 y anteriores. Permite a atacantes remotos ejecutar código de su elección a través de argumentos manipulados a los printSepsWithParams, lo que dispara corrupción de memoria. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious web address or open a malicious file. The specific flaw exists in the parsing of embedded JavaScript code within PDF documents. • http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00007.html http://secunia.com/advisories/28983 http://secunia.com/advisories/29065 http://secunia.com/advisories/29205 http://secunia.com/advisories/30840 http://security.gentoo.org/glsa/glsa-200803-01.xml http://sunsolve.sun.com/search/document.do?assetkey=1-26-239286-1 http://www.adobe.com/support/security/advisories/apsa08-01.html http://www.adobe.com/support/security/bulletins/apsb08-13.html http://www.redhat& • CWE-189: Numeric Errors •

CVSS: 9.8EPSS: 32%CPEs: 2EXPL: 1

Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors. Múltiples vulnerabilidades no especificadas en Adobe Reader y Acrobat anterior a la versión 8.1.2 tienen vectores de impacto y ataque desconocidos. Adobe Acrobat and Reader contains an unespecified vulnerability described as a design flaw which could allow a specially crafted file to be printed silently an arbitrary number of times. • http://blogs.adobe.com/acroread/2008/02/adobe_reader_812_for_linux_and.html http://kb.adobe.com/selfservice/viewContent.do?externalId=kb403079&sliceId=1 http://lists.opensuse.org/opensuse-security-announce/2008-02/msg00007.html http://secunia.com/advisories/28802 http://secunia.com/advisories/28851 http://secunia.com/advisories/28983 http://secunia.com/advisories/29065 http://secunia.com/advisories/29205 http://secunia.com/advisories/30840 http://security.gentoo.org/glsa/glsa-200803&# •

CVSS: 9.3EPSS: 27%CPEs: 2EXPL: 0

Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted PDF file, related to the mailto: option and Internet Explorer 7 on Windows XP. NOTE: this information is based upon a vague pre-advisory by a reliable researcher. Una vulnerabilidad no especificada en Adobe Acrobat y Reader versión 8.1 en Windows, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo PDF diseñado, relacionado con la opción mailto: e Internet Explorer versión 7 en Windows XP. NOTA: esta información se basa en un asesoramiento previo vago por parte de un investigador confiable. • http://www.adobe.com/support/security/advisories/apsa07-04.html http://www.gnucitizen.org/blog/0day-pdf-pwns-windows http://www.securityfocus.com/archive/1/480080/100/0/threaded http://www.securityfocus.com/bid/25748 http://www.securitytracker.com/id?1018723 http://www.us-cert.gov/cas/techalerts/TA07-297B.html http://www.vupen.com/english/advisories/2007/3392 https://exchange.xforce.ibmcloud.com/vulnerabilities/36722 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 5.0EPSS: 0%CPEs: 4EXPL: 3

AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236. AcroPDF.DLL de Adobe Reader 8.0, cuando se accede desde Mozilla Firefox, Netscape, ó Opera, permite a atacantes remotos provocar una denegación de servicio (agotamiento sin especificar de recursos) mediante una URL .pdf con un identificador de marcador que comienza con search= seguido de muchas secuencias %n, vulnerabilidad distinta a CVE-2006-6027 y CVE-2006-6236. • https://www.exploit-db.com/exploits/3430 http://www.securityfocus.com/bid/22856 http://www.securityfocus.com/data/vulnerabilities/exploits/22856.html https://exchange.xforce.ibmcloud.com/vulnerabilities/32896 • CWE-400: Uncontrolled Resource Consumption •