NotCVE - vendor:"Adobe" product:"Acrobat Reader" version:" <= 17.012.30205"

Page 85 of 952 results (0.017 seconds)

CVSS: 9.3EPSS: 2%CPEs: 84EXPL: 0

CVE-2010-0186 – flash-plugin: unauthorized cross-domain requests (APSB10-06)

https://notcve.org/view.php?id=CVE-2010-0186

15 Feb 2010 — Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2, Adobe AIR before 1.5.3.9130, and Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows remote attackers to bypass intended sandbox restrictions and make cross-domain requests via unspecified vectors. Vulnerabilidad de tipo cross-domain en Adobe Flash Player anterior a versión 10.0.45.2, Adobe AIR anterior a 1.5.3.9130 y Adobe Reader y Acrobat 8.x anterior al 8.2.1 y 9.x anterior al 9.3.1 permite a los atacantes remotos omitir... • http://lists.apple.com/archives/security-announce/2010//Jun/msg00001.html •

CVSS: 10.0EPSS: 2%CPEs: 102EXPL: 0

CVE-2009-3956 – acroread: script injection vulnerability (APSB10-02)

https://notcve.org/view.php?id=CVE-2009-3956

13 Jan 2010 — The default configuration of Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, does not enable the Enhanced Security feature, which has unspecified impact and attack vectors, related to a "script injection vulnerability," as demonstrated by Acrobat Forms Data Format (FDF) behavior that allows cross-site scripting (XSS) by user-assisted remote attackers. La configuración por defecto en Adobe Reader y Acrobat v9.x anterior a v9.3, y 8.x anterior a v8.2, sobre Windows y Mac O... • http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html • CWE-16: Configuration •

CVSS: 7.5EPSS: 2%CPEs: 102EXPL: 0

CVE-2009-3957

https://notcve.org/view.php?id=CVE-2009-3957

13 Jan 2010 — Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors. Adobe Reader y Acrobat v9.x anterior a v9.3, y 8.x anterior a v8.2, sobre Windows y Mac OS X, podría permitir a atacantes provocar una denegación de servicio (deferencia a puntero NULL) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html •

CVSS: 10.0EPSS: 88%CPEs: 102EXPL: 1

CVE-2009-3958 – Adobe GetPlus get_atlcom 1.6.2.48 - ActiveX Remote Execution

https://notcve.org/view.php?id=CVE-2009-3958

13 Jan 2010 — Multiple stack-based buffer overflows in the NOS Microsystems getPlus Helper ActiveX control before 1.6.2.49 in gp.ocx in the Download Manager in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow remote attackers to execute arbitrary code via unspecified initialization parameters. Desbordamiento de búfer en el Download Manager en Adobe Reader y Acrobat v9.x anterior a v9.3, y 8.x anterior a v8.2, sobre Windows y Mac OS X, podría permitir a atacantes ejecutar có... • https://www.exploit-db.com/exploits/11172 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 68%CPEs: 102EXPL: 0

CVE-2009-3959 – acroread: multiple code execution flaws (APSB10-02)

https://notcve.org/view.php?id=CVE-2009-3959

13 Jan 2010 — Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document. Desbordamiento de entero en la implementación U3D en Adobe Reader y Acrobat v9.x anterior a v9.3, y 8.x anterior a v8.2, sobre Windows y Mac OS X, podría permitir a atacantes ejecutar código de su elección a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html • CWE-189: Numeric Errors •

CVSS: 10.0EPSS: 3%CPEs: 102EXPL: 0

CVE-2009-3954 – acroread: multiple code execution flaws (APSB10-02)

https://notcve.org/view.php?id=CVE-2009-3954

13 Jan 2010 — The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to execute arbitrary code via unspecified vectors, related to a "DLL-loading vulnerability." La implementación 3D en Adobe Reader y Acrobat v9.x anterior a v9.3, y v8.x anterior a v8.2 sobre Windows y Mac OS X, podría permitir a atacantes ejecutar código de su elección a través de vectores no especificados, relacionados con un "vulnerabilidad de carga DLL". • http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 10.0EPSS: 69%CPEs: 101EXPL: 0

CVE-2009-3955 – acroread: multiple code execution flaws (APSB10-02)

https://notcve.org/view.php?id=CVE-2009-3955

13 Jan 2010 — Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leading to memory corruption. Adobe Reader y Acrobat versión 9.x anterior a 9.3 y versión 8.x anterior a 8.2 en Windows y Mac OS X, permiten a los atacantes remotos ejecutar código arbitrario por medio de un marcador JP... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=836 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 93%CPEs: 11EXPL: 4

CVE-2009-4324 – Adobe Acrobat and Reader Use-After-Free Vulnerability

https://notcve.org/view.php?id=CVE-2009-4324

15 Dec 2009 — Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009. La vulnerabilidad de uso de la memoria previamente liberada (Use-after-free) en la función Doc.media.newPlayer en el archivo Multimedia.api en Adobe Reader y Acrobat versión 9.x anterior a 9.3, y ... • https://www.exploit-db.com/exploits/16503 • CWE-416: Use After Free •

CVSS: 6.5EPSS: 1%CPEs: 50EXPL: 0

CVE-2009-2979 – acroread: Multiple DoS fixes in 8.1.7 (APSB09-15)

https://notcve.org/view.php?id=CVE-2009-2979

19 Oct 2009 — Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 do not properly perform XMP-XML entity expansion, which allows remote attackers to cause a denial of service via a crafted document. Adobe Reader y Acrobat v9.x anteriores a la v9.2, v8.x anteriores a la v8.1.7 y posiblemente v7.x hasta la v7.1.4 no realizan apropiadamente la expansión de entidades XMP-XML, lo que permite a atacantes remotos provacar una denegación de servicio a través de un documento modificado. • http://securitytracker.com/id?1023007 •

CVSS: 9.8EPSS: 74%CPEs: 50EXPL: 0

CVE-2009-2980 – acroread: Multiple arbitrary code execution fixes in 8.1.7 (APSB09-15)

https://notcve.org/view.php?id=CVE-2009-2980

19 Oct 2009 — Integer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors. Desbordamiento de entero en Adobe Reader y Acrobat v7.x anteriores a v7.1.4, v8.x anteriores a v8.1.7 y v9.x anteriores a v9.2 permite a atacantes provocar una denegación de servicio o probablemente ejecutar código de su elección mediante vectores no especificados. • http://securitytracker.com/id?1023007 • CWE-189: Numeric Errors •

1...83 84 85 86 87