CVSS: 4.3EPSS: 17%CPEs: 46EXPL: 0CVE-2014-0521
https://notcve.org/view.php?id=CVE-2014-0521
Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X do not properly implement JavaScript APIs, which allows remote attackers to obtain sensitive information via a crafted PDF document. Adobe Reader y Acrobat 10.x anterior a 10.1.10 y 11.x anterior a 11.0.07 en Windows y OS X no implementen debidamente APIs JavaScript, lo que permite a atacantes remotos obtener información sensible a través de un documento PDF manipulado. • http://helpx.adobe.com/security/products/reader/apsb14-15.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 18%CPEs: 46EXPL: 0CVE-2014-0529
https://notcve.org/view.php?id=CVE-2014-0529
Buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de buffer en Adobe Reader y Acrobat 10.x anterior a 10.1.10 y 11.x anterior a 11.0.07 en Windows y OS X permite a atacantes ejecutar código arbitrario a través de vectores no especificados. • http://helpx.adobe.com/security/products/reader/apsb14-15.html http://www.securityfocus.com/bid/67362 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 46EXPL: 0CVE-2014-0522
https://notcve.org/view.php?id=CVE-2014-0522
Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0523, CVE-2014-0524, and CVE-2014-0526. Adobe Reader y Acrobat 10.x anterior a 10.1.10 y 11.x anterior a 11.0.07 en Windows y OS X permiten a atacantes ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de vectores no especificados, una vulnerabilidad diferente a CVE-2014-0523, CVE-2014-0524 y CVE-2014-0526. • http://helpx.adobe.com/security/products/reader/apsb14-15.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 0%CPEs: 46EXPL: 0CVE-2014-0525
https://notcve.org/view.php?id=CVE-2014-0525
The API in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X does not prevent access to unmapped memory, which allows attackers to execute arbitrary code via unspecified API calls. La API en Adobe Reader y Acrobat 10.x anterior a 10.1.10 y 11.x anterior a 11.0.07 en Windows y OS X no previene acceso a memoria no mapeada, lo que permite a atacantes ejecutar código arbitrario a través de llamadas API no especificadas. • http://helpx.adobe.com/security/products/reader/apsb14-15.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 10.0EPSS: 15%CPEs: 46EXPL: 0CVE-2014-0527 – Adobe Reader AcroPDF messageHandler Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2014-0527
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.10 and 11.x before 11.0.07 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Vulnerabilidad de uso después de liberación en Adobe Reader y Acrobat 10.x anterior a 10.1.10 y 11.x anterior a 11.0.07 en Windows y OS X permite a atacantes ejecutar código arbitrario a través de vectores no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of the AcroPDF ActiveX control. The issue lies in the messageHandler property of the control. • http://helpx.adobe.com/security/products/reader/apsb14-15.html • CWE-399: Resource Management Errors •