Page 85 of 441 results (0.013 seconds)

CVSS: 9.3EPSS: 12%CPEs: 70EXPL: 0

Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to trigger memory corruption and possibly execute arbitrary code via unknown attack vectors related to JBIG2, a different vulnerability than CVE-2009-0193 and CVE-2009-1061. Adobe Acrobat Reader versión 9 anterior a 9.1, versión 8 anterior a 8.1.4 y versión 7 anterior a 7.1.1 podría permitir a los atacantes remotos desencadenar una corrupción de memoria y posiblemente ejecutar código arbitrario por medio de vectores de ataque desconocidos relacionados con JBIG2, una vulnerabilidad diferente a las CVE-2009-0193 y CVE-2009-1061. • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://secunia.com/advisories/34392 http://secunia.com/advisories/34490 http://secunia.com/advisories/34706 http://secunia.com/advisories/34790 http://security.gentoo.org/glsa/glsa-200904-17.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1 http://www.adobe.com/support/security/bulletins/apsb09-04.html http://w • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 56%CPEs: 99EXPL: 0

Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table. Desbordamiento de búfer basado en montículo en Adobe Acrobat Reader y Acrobat Professional v7.1.0, v8.1.3, v9.0.0 y otras versiones, permite a atacantes remotos ejecutar código de su elección a través de un archivo PDF que contiene una cadena JBIG2 con un tamaño inconsistente relacionado con una tabla sin especificar. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=776 http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html http://secunia.com/advisories/34392 http://secunia.com/advisories/34490 http://secunia.com/advisories/34706 http://secunia.com/advisories/34790 http://security.gentoo.org/glsa/glsa-200904-17.xml http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1 http: • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 0%CPEs: 10EXPL: 0

Unspecified vulnerability in the Download Manager in Adobe Reader 8.1.2 and earlier on Windows allows remote attackers to change Internet Security options on a client machine via unknown vectors. Vulnerabilidad no especificada en el Gestor de Descargas de Adobe Reader v8.1.2 y anteriores en Windows; permite a atacantes remotos modificar las opciones de Seguridad de Internet en una máquina cliente a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html http://secunia.com/advisories/32872 http://www.adobe.com/support/security/bulletins/apsb08-19.html http://www.securitytracker.com/id?1021140 http://www.us-cert.gov/cas/techalerts/TA08-309A.html http://www.vupen.com/english/advisories/2008/3001 •

CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0

Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.2 and earlier on Unix and Linux allows attackers to gain privileges via a Trojan Horse program in an unspecified directory that is associated with an insecure RPATH. Vulnerabilidad de ruta de búsqueda no confiable en Adobe Reader y Acrobat 8.1.2 y anteriores en Unix y Linux; permite a los atacantes ganar privilegios mediante un programa troyano en un directorio no especificado que está asociado a una RPATH no segura. • http://download.oracle.com/sunalerts/1019937.1.html http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html http://secunia.com/advisories/32700 http://secunia.com/advisories/32872 http://www.adobe.com/support/security/bulletins/apsb08-19.html http://www.redhat.com/support/errata/RHSA-2008-0974.html http://www.securityfocus.com/bid/32100 http://www.securitytracker.com/id?1021140 http://www.us-cert.gov/cas/techalerts/TA08-309A.html http://www.vupen.com/eng • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 38%CPEs: 8EXPL: 0

Unspecified vulnerability in a JavaScript method in Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allows remote attackers to execute arbitrary code via unknown vectors, related to an "input validation issue." Vulnerabilidad no especificada en un método JavaScript en Adobe Reader y Acrobat 8.1.2 y anteriores permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos. Esté relacionado con un "tema de validación de entrada". • http://download.oracle.com/sunalerts/1019937.1.html http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html http://secunia.com/advisories/32700 http://secunia.com/advisories/32872 http://www.adobe.com/support/security/bulletins/apsb08-19.html http://www.adobe.com/support/security/bulletins/apsb09-04.html http://www.redhat.com/support/errata/RHSA-2008-0974.html http://www.securityfocus.com/bid/32100 http://www.securitytracker.com/id?1021140 http://www.skyrecon • CWE-20: Improper Input Validation •