CVSS: 10.0EPSS: 34%CPEs: 99EXPL: 0CVE-2009-0928 – acroread: multiple JBIG2-related security flaws
https://notcve.org/view.php?id=CVE-2009-0928
25 Mar 2009 — Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table. Desbordamiento de búfer basado en montículo en Adobe Acrobat Reader y Acrobat Professional v7.1.0, v8.1.3, v9.0.0 y otras versiones, permite a atacantes remotos ejecutar código de su elección a través de un archivo PDF que contiene una cadena JBI... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=776 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 21%CPEs: 3EXPL: 0CVE-2009-1061 – acroread: multiple JBIG2-related security flaws
https://notcve.org/view.php?id=CVE-2009-1061
25 Mar 2009 — Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to execute arbitrary code via unknown attack vectors related to JBIG2 and "input validation," a different vulnerability than CVE-2009-0193 and CVE-2009-1062. Vulnerabilidad inespecífica en Adobe Acrobat Reader v9 anteriores a v9.1, v8 anteriores a v8.1.4, y v7 anteriores a v7.1.1 permitiría a atacantes remotos ejecutar código arbitrario a través de vectores desconocidos relacionado... • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 10%CPEs: 70EXPL: 0CVE-2009-1062 – acroread: multiple JBIG2-related security flaws
https://notcve.org/view.php?id=CVE-2009-1062
25 Mar 2009 — Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to trigger memory corruption and possibly execute arbitrary code via unknown attack vectors related to JBIG2, a different vulnerability than CVE-2009-0193 and CVE-2009-1061. Adobe Acrobat Reader versión 9 anterior a 9.1, versión 8 anterior a 8.1.4 y versión 7 anterior a 7.1.1 podría permitir a los atacantes remotos desencadenar una corrupción de memoria y posiblemente ejecutar código arbitrario por medio de ve... • http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 97%CPEs: 3EXPL: 5CVE-2009-0927 – Adobe Reader and Adobe Acrobat Stack-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2009-0927
19 Mar 2009 — Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658. Vulnerabilidad no especificada en Adobe Reader y Adobe Acrobat v9.1 y v7.1.1 permite a atacantes remotos ejecutar código de su elección mediante vectores desconocidos, en relación con un método JavaScript y validación de entrada, una vulne... • https://www.exploit-db.com/exploits/9579 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 97%CPEs: 6EXPL: 4CVE-2009-0658 – Adobe Acrobat Reader - JBIG2 Local Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2009-0658
20 Feb 2009 — Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E. Un desbordamiento del búfer en Adobe Reader versión 9.0 y anteriores, y Acrobat versión 9.0 y anteriores, permite a los atacantes remotos ejecutar código arbitrario por medio de un documento PDF creado, rela... • https://www.exploit-db.com/exploits/8099 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 2%CPEs: 2EXPL: 0CVE-2008-5364
https://notcve.org/view.php?id=CVE-2008-5364
08 Dec 2008 — Stack-based buffer overflow in the getPlus ActiveX control in gp.ocx 1.2.2.50 in NOS Microsystems getPlus Download Manager, as used for the Adobe Reader 8.1 installation process and other downloads, allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2008-4817. Desbordamiento de búfer basado en pila en el control ActiveX getPlus en gp.ocx v1.2.2.50 en NOS Microsystems getPlus Download Manager, como el usado por el proceso de instalación de Adobe Reader v8.1 ... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=754 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 33%CPEs: 8EXPL: 0CVE-2008-4814 – Reader: arbitrary code execution via unspecified JavaScript method
https://notcve.org/view.php?id=CVE-2008-4814
05 Nov 2008 — Unspecified vulnerability in a JavaScript method in Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allows remote attackers to execute arbitrary code via unknown vectors, related to an "input validation issue." Vulnerabilidad no especificada en un método JavaScript en Adobe Reader y Acrobat 8.1.2 y anteriores permite a atacantes remotos ejecutar código de su elección a través de vectores desconocidos. Esté relacionado con un "tema de validación de entrada". • http://download.oracle.com/sunalerts/1019937.1.html • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 9EXPL: 0CVE-2008-4815 – Reader: insecure RPATH flaw
https://notcve.org/view.php?id=CVE-2008-4815
05 Nov 2008 — Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.2 and earlier on Unix and Linux allows attackers to gain privileges via a Trojan Horse program in an unspecified directory that is associated with an insecure RPATH. Vulnerabilidad de ruta de búsqueda no confiable en Adobe Reader y Acrobat 8.1.2 y anteriores en Unix y Linux; permite a los atacantes ganar privilegios mediante un programa troyano en un directorio no especificado que está asociado a una RPATH no segura. • http://download.oracle.com/sunalerts/1019937.1.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.1EPSS: 0%CPEs: 10EXPL: 0CVE-2008-4816
https://notcve.org/view.php?id=CVE-2008-4816
05 Nov 2008 — Unspecified vulnerability in the Download Manager in Adobe Reader 8.1.2 and earlier on Windows allows remote attackers to change Internet Security options on a client machine via unknown vectors. Vulnerabilidad no especificada en el Gestor de Descargas de Adobe Reader v8.1.2 y anteriores en Windows; permite a atacantes remotos modificar las opciones de Seguridad de Internet en una máquina cliente a través de vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html •
CVSS: 9.3EPSS: 32%CPEs: 8EXPL: 0CVE-2008-4812 – Reader: embedded font handling out-of-bounds array indexing
https://notcve.org/view.php?id=CVE-2008-4812
05 Nov 2008 — Array index error in Adobe Reader and Acrobat, and the Explorer extension (aka AcroRd32Info), 8.1.2, 8.1.1, and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that triggers an out-of-bounds write, related to parsing of Type 1 fonts. Error de índice de array en Adobe Reader y Acrobat, y la extensión de Explorer (también conocida como AcroRd32Info), v8.1.2, v8.1.1 y anteriores; permite a atacantes remotos ejecutar código de su elección a través de un documento PDF manipul... • http://download.oracle.com/sunalerts/1019937.1.html • CWE-20: Improper Input Validation •