CVE-2013-0640 – Adobe Reader and Acrobat Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2013-0640
Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, as exploited in the wild in February 2013. Vulnerabilidad no especificada en Adobe Reader y Acrobat v9.x a través de v9.5.3, v10.x través v10.1.5, v11.0.1 y v11.x mediante, permite a atacantes remotos ejecutar código arbitrario a través de un documento PDF manipulado, explotada libremente en febrero de 2013, una vulnerabilidad diferente a CVE-2013-0641. An memory corruption vulnerability exists in the acroform.dll in Adobe Reader that allows an attacker to perform remote code execution. • https://www.exploit-db.com/exploits/29881 http://blog.fireeye.com/research/2013/02/in-turn-its-pdf-time.html http://blogs.adobe.com/psirt/2013/02/adobe-reader-and-acrobat-vulnerability-report.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00021.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00024.html http://rhn.redhat.com/errata/RHSA-2013-0551.html http://security. •
CVE-2013-0624
https://notcve.org/view.php?id=CVE-2013-0624
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-0622. Adobe Reader y Acrobat v9.x antes de v9.5.3, v10.x antes de v10.1.5 y v11.x antes de v11.0.1 permiten a los atacantes eludir las restricciones de acceso a través de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2013-0622a. • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00005.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00028.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00081.html http://security.gentoo.org/glsa/glsa-201308-03.xml http://www.adobe.com/support/security/bulletins/apsb13-02.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15969 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2013-0622
https://notcve.org/view.php?id=CVE-2013-0622
Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-0624. Adobe Reader y Acrobat v9.x antes de v9.5.3, v10.x antes de v10.1.5 y v11.x antes de v11.0.1 permiten a los atacantes para eludir restricciones de acceso a través de vectores no especificados. Se trata de una vulnerabilidad diferente a CVE-2013-0624. • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00005.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00028.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00081.html http://security.gentoo.org/glsa/glsa-201308-03.xml http://www.adobe.com/support/security/bulletins/apsb13-02.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16484 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2013-0627
https://notcve.org/view.php?id=CVE-2013-0627
Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows local users to gain privileges via unknown vectors. Una vulnerabilidad no especificada en Adobe Reader y Acrobat v9.x antes de v9.5.3, v10.x antes de v10.1.5 y v11.x antes de v11.0.1 permite a usuarios locales obtener privilegios a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00005.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00028.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00081.html http://security.gentoo.org/glsa/glsa-201308-03.xml http://www.adobe.com/support/security/bulletins/apsb13-02.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16154 •
CVE-2013-0602 – acroread: multiple code execution flaws (APSB13-02)
https://notcve.org/view.php?id=CVE-2013-0602
Use-after-free vulnerability in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors. Vulnerabilidad de uso después de la liberación en Adobe Reader y Acrobat v9.x anteriores a v9.5.3, v10.x anteriores a v10.1.5, y v11.x anterior a v11.0.1 permite a atacantes remotos aejecutar código a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00004.html http://lists.opensuse.org/opensuse-security-announce/2013-01/msg00005.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00028.html http://lists.opensuse.org/opensuse-updates/2013-01/msg00081.html http://rhn.redhat.com/errata/RHSA-2013-0150.html http://security.gentoo.org/glsa/glsa-201308-03.xml http://www.adobe.com/support/security/bulletins/apsb13-02.html https://oval.cisecurity.org/repository/search/defi • CWE-399: Resource Management Errors •