CVSS: 9.3EPSS: 48%CPEs: 54EXPL: 0CVE-2006-5857
https://notcve.org/view.php?id=CVE-2006-5857
Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering. Adobe Reader y Acrobat 7.0.8 y anteriores permite a atacantes remotos con la intervención del usuario ejecutar código mediante un archivo PDF manipulado que dispara una corrupción de memoria y sobrescribe un puntero de subrutina durante el dibujado. • http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0200.html http://lists.suse.com/archive/suse-security-announce/2007-Jan/0012.html http://osvdb.org/31316 http://secunia.com/advisories/23666 http://secunia.com/advisories/23691 http://secunia.com/advisories/23812 http://secunia.com/advisories/23877 http://secunia.com/advisories/23882 http://secunia.com/advisories/24533 http://security.gentoo.org/glsa/glsa-200701-16.xml http://securitytracker.com/id?1017491 http:/ • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 48%CPEs: 9EXPL: 1CVE-2006-6236
https://notcve.org/view.php?id=CVE-2006-6236
Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the (1) src, (2) setPageMode, (3) setLayoutMode, and (4) setNamedDest methods in an AcroPDF ActiveX control, a different set of vectors than CVE-2006-6027. Adobe Reader (Adobe Acrobat Reader) 7.0 hasta 7.0.8 permite a un atacante remoto provocar denegación de servicio y posiblemente ejecutar código de su elección a tavés de un parámetro de cadena a los métodos (1) src, (2) setPageMode, (3) setLayoutMode, y (4) setNamedDest en el control AcroPDF ActiveX, diferente al grupo de vectores de CVE-2006-6027. • http://research.eeye.com/html/alerts/zeroday/20061128.html http://secunia.com/advisories/23138 http://www.adobe.com/support/security/advisories/apsa06-02.html http://www.kb.cert.org/vuls/id/198908 http://www.securityfocus.com/archive/1/453579/100/0/threaded http://www.securityfocus.com/bid/21338 http://www.securityfocus.com/bid/21813 http://www.vupen.com/english/advisories/2006/4751 https://exchange.xforce.ibmcloud.com/vulnerabilities/30574 https://exchange.xforce.ibmcloud.c •
CVSS: 9.3EPSS: 94%CPEs: 9EXPL: 3CVE-2006-6027 – Adobe Reader 7.0.x - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-6027
Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the LoadFile method in an AcroPDF ActiveX control. Adobe Reader (Adobe Acrobat Reader) 7.0 hasta 7.0.8 permite a atacantes remotos provocar una denegación de servicio y posiblemente ejecutar código de su elección mediante un argumento de cadena largo al método LoadFile en el control ActiveX AcroPDF. • https://www.exploit-db.com/exploits/29076 http://downloads.securityfocus.com/vulnerabilities/exploits/21155-AcroPDF_DoS.html http://research.eeye.com/html/alerts/zeroday/20061128.html http://secunia.com/advisories/23138 http://securitytracker.com/id?1017297 http://www.adobe.com/support/security/advisories/apsa06-02.html http://www.kb.cert.org/vuls/id/198908 http://www.securityfocus.com/archive/1/453579/100/0/threaded http://www.securityfocus.com/bid/21155 http://www.vupen.com& •
CVSS: 7.5EPSS: 18%CPEs: 39EXPL: 6CVE-2006-3459 – Apple iPhone MobileSafari LibTIFF - 'browser' Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-3459
Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c. Múltiples desbordamientos de búfer basados en pila en la librería TIFF (libtiff)anterior a 3.8.2 permiten a atacantes locales o remotos (dependiendo del contexto) provocar una denegación de servicio y posiblemente ejecutar código de su elección a través de vectores desconocidos, incluyendo un valor grande de tdir_count en la función TIFFFetchShortPair de tif_dirread.c • https://www.exploit-db.com/exploits/16862 https://www.exploit-db.com/exploits/16868 https://www.exploit-db.com/exploits/16869 https://www.exploit-db.com/exploits/21869 https://www.exploit-db.com/exploits/21868 https://www.exploit-db.com/exploits/11787 ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html http&# • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.6EPSS: 0%CPEs: 28EXPL: 0CVE-2006-3452
https://notcve.org/view.php?id=CVE-2006-3452
Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure file and directory permissions, which allows local users to gain privileges by overwriting program files. Adobe Reader y Acrobat 6.0.4 y anteriores en Mac OSX, tiene un archivo y permisos de directorio inseguros, lo que permite a usuarios locales obtener privilegios sobrescribiendo archivos de programa. • http://secunia.com/advisories/21016 http://securitytracker.com/id?1016473 http://www.adobe.com/support/security/bulletins/apsb06-08.html http://www.osvdb.org/27157 http://www.securityfocus.com/bid/18945 http://www.vupen.com/english/advisories/2006/2758 https://exchange.xforce.ibmcloud.com/vulnerabilities/27678 •