CVSS: 10.0EPSS: 14%CPEs: 52EXPL: 0CVE-2012-0774 – acroread: multiple unspecified flaws (APSB12-08, APSB12-01)
https://notcve.org/view.php?id=CVE-2012-0774
Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code via a crafted TrueType font. Desbordamiento de entero en Adobe Reader y Acrobat v9.x anteriores a v9.5.1 y v10.x anterior a v10.1.3, permite a atacantes ejecutar código a su elección a través de una fuente TrueType manipulada. • http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00017.html http://rhn.redhat.com/errata/RHSA-2012-0469.html http://secunia.com/advisories/48756 http://secunia.com/advisories/48846 http://www.adobe.com/support/security/bulletins/apsb12-08.html http://www.securityfocus.com/bid/52951 http://www.securitytracker.com/id?1026908 ht • CWE-189: Numeric Errors •
CVSS: 6.8EPSS: 1%CPEs: 8EXPL: 0CVE-2012-0777 – acroread: multiple unspecified flaws (APSB12-08, APSB12-01)
https://notcve.org/view.php?id=CVE-2012-0777
The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 on Mac OS X and Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. La API JavaScript en Adobe Reader y Acrobat v9.x anteriores a v9.5.1 y v10.x anteriores a v10.1.3 en Mac OS X y Linuxm permite a atacantes ejecutar código o provocar una denegación de servicio (corrupción de memoria) a través de vectores no especificados. • http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00017.html http://rhn.redhat.com/errata/RHSA-2012-0469.html http://secunia.com/advisories/48756 http://secunia.com/advisories/48846 http://www.adobe.com/support/security/bulletins/apsb12-08.html http://www.securityfocus.com/bid/52950 http://www.securitytracker.com/id?1026908 ht • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 7%CPEs: 52EXPL: 0CVE-2012-0775 – acroread: multiple unspecified flaws (APSB12-08, APSB12-01)
https://notcve.org/view.php?id=CVE-2012-0775
The JavaScript implementation in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. La implantanción de JavaScript de Adobe Reader y Acrobat 9.x anteriores 9.5.1 y 10.x anteriores a 10.1.3 permite a atacantes ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de vectores sin especificar. • http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00013.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2012-04/msg00017.html http://rhn.redhat.com/errata/RHSA-2012-0469.html http://secunia.com/advisories/48756 http://secunia.com/advisories/48846 http://www.adobe.com/support/security/bulletins/apsb12-08.html http://www.securityfocus.com/bid/52949 http://www.securitytracker.com/id?1026908 ht • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 2%CPEs: 52EXPL: 0CVE-2012-0776
https://notcve.org/view.php?id=CVE-2012-0776
The installer in Adobe Reader 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to bypass intended access restrictions and execute arbitrary code via unspecified vectors. El instalador en Adobe Reader v9.x anteriores a v9.5.1 y v10.x anterior a la v10.1.3 permite a atacantes evitar las restricciones de acceso y ejecutar código a través de vectores no especificados. • http://www.adobe.com/support/security/bulletins/apsb12-08.html http://www.securitytracker.com/id?1026908 http://www.us-cert.gov/cas/techalerts/TA12-101B.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15270 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 0%CPEs: 13EXPL: 0CVE-2011-4374 – acroread: multiple code execution flaws (APSB11-24)
https://notcve.org/view.php?id=CVE-2011-4374
Integer overflow in Adobe Reader 9.x before 9.4.6 on Linux allows attackers to execute arbitrary code via unspecified vectors. Desbordamiento de entero en Adobe Reader v9.x antes de v9.4.6 en Linux permite a los atacantes ejecutar código de su elección a través de vectores no especificados. • http://www.adobe.com/support/security/bulletins/apsb11-24.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14812 https://access.redhat.com/security/cve/CVE-2011-4374 https://bugzilla.redhat.com/show_bug.cgi?id=749381 • CWE-190: Integer Overflow or Wraparound •