CVSS: 10.0EPSS: 69%CPEs: 101EXPL: 0CVE-2009-3955 – acroread: multiple code execution flaws (APSB10-02)
https://notcve.org/view.php?id=CVE-2009-3955
13 Jan 2010 — Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leading to memory corruption. Adobe Reader y Acrobat versión 9.x anterior a 9.3 y versión 8.x anterior a 8.2 en Windows y Mac OS X, permiten a los atacantes remotos ejecutar código arbitrario por medio de un marcador JP... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=836 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 93%CPEs: 11EXPL: 4CVE-2009-4324 – Adobe Acrobat and Reader Use-After-Free Vulnerability
https://notcve.org/view.php?id=CVE-2009-4324
15 Dec 2009 — Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009. La vulnerabilidad de uso de la memoria previamente liberada (Use-after-free) en la función Doc.media.newPlayer en el archivo Multimedia.api en Adobe Reader y Acrobat versión 9.x anterior a 9.3, y ... • https://www.exploit-db.com/exploits/16503 • CWE-416: Use After Free •
CVSS: 6.5EPSS: 1%CPEs: 50EXPL: 0CVE-2009-2979 – acroread: Multiple DoS fixes in 8.1.7 (APSB09-15)
https://notcve.org/view.php?id=CVE-2009-2979
19 Oct 2009 — Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 do not properly perform XMP-XML entity expansion, which allows remote attackers to cause a denial of service via a crafted document. Adobe Reader y Acrobat v9.x anteriores a la v9.2, v8.x anteriores a la v8.1.7 y posiblemente v7.x hasta la v7.1.4 no realizan apropiadamente la expansión de entidades XMP-XML, lo que permite a atacantes remotos provacar una denegación de servicio a través de un documento modificado. • http://securitytracker.com/id?1023007 •
CVSS: 9.8EPSS: 74%CPEs: 50EXPL: 0CVE-2009-2980 – acroread: Multiple arbitrary code execution fixes in 8.1.7 (APSB09-15)
https://notcve.org/view.php?id=CVE-2009-2980
19 Oct 2009 — Integer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors. Desbordamiento de entero en Adobe Reader y Acrobat v7.x anteriores a v7.1.4, v8.x anteriores a v8.1.7 y v9.x anteriores a v9.2 permite a atacantes provocar una denegación de servicio o probablemente ejecutar código de su elección mediante vectores no especificados. • http://securitytracker.com/id?1023007 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 0%CPEs: 50EXPL: 0CVE-2009-2981 – acroread: Trust Manager restrictions bypass fixed in 8.1.7 (APSB09-15)
https://notcve.org/view.php?id=CVE-2009-2981
19 Oct 2009 — Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to bypass intended Trust Manager restrictions via unspecified vectors. Adobe Reader y Acrobat v7.x anteriores a v7.1.4, v8.x anteriores a v8.1.7 y v9.x anteriores a v9.2 no valida adecuadamente la entrada, pudiendo permitir a atacantes mediante vectores no especificados saltar las restricciones implementadas por Trust Manager. • http://securitytracker.com/id?1023007 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 1%CPEs: 50EXPL: 0CVE-2009-2982
https://notcve.org/view.php?id=CVE-2009-2982
19 Oct 2009 — An unspecified certificate in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow remote attackers to conduct a "social engineering attack" via unknown vectors. Un certificado sin especificar en Adobe Reader y Acrobat v9.x anteriores a la v9.2, v8.x anteriores a la v8.1.7 y posiblemente v7.x hasta la v7.1.4 puede permitir a atacantes remotos llevar a cabo un "ataque por ingeniería social" a través de vectores de ataque desconocidos. • http://securitytracker.com/id?1023007 • CWE-310: Cryptographic Issues •
CVSS: 9.3EPSS: 2%CPEs: 50EXPL: 0CVE-2009-2986 – acroread: Multiple arbitrary code execution fixes in 8.1.7 (APSB09-15)
https://notcve.org/view.php?id=CVE-2009-2986
19 Oct 2009 — Multiple heap-based buffer overflows in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors. Múltiples desbordamientos de búfer basado en memoria dinámica (heap) en Adobe Reader y Acrobat v7.x anteriores a v7.1.4, v8.x anteriores a v8.1.7 y v9.x anteriores a v9.2 podría permitir a atacantes ejecutar código de su elección mediante vectores no especificados. • http://securitytracker.com/id?1023007 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 0%CPEs: 50EXPL: 0CVE-2009-2992
https://notcve.org/view.php?id=CVE-2009-2992
19 Oct 2009 — An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 does not properly validate input, which allows attackers to cause a denial of service via unknown vectors. Un control ActiveX no especificado en Adobe Reader y Acrobat v9.x anteriores a v9.2, v8.x anteriores a v8.1.7 y posiblemente en v7.x anteriores a v7.1.4 no validan adecuadamente la entrada, permitiendo a atacantes provocar una denegación de servicio mediante vectores no especifica... • http://securitytracker.com/id?1023007 • CWE-20: Improper Input Validation •
CVSS: 9.8EPSS: 3%CPEs: 50EXPL: 1CVE-2009-2994 – Adobe Acrobat Reader 7 < 9 - U3D Buffer Overflow
https://notcve.org/view.php?id=CVE-2009-2994
19 Oct 2009 — Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors. Desbordamiento de búfer en Adobe Reader y Acrobat v7.x anteriores a v7.1.4, v8.x anteriores a v8.1.7 y v9.x anteriores a v9.2 permite a atacantes ejecutar código de su elección a través de vectores de ataque sin especificar. • https://www.exploit-db.com/exploits/9865 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 3%CPEs: 50EXPL: 0CVE-2009-3462 – acroread: Multiple arbitrary code execution fixes in 8.1.7 (APSB09-15)
https://notcve.org/view.php?id=CVE-2009-3462
19 Oct 2009 — Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug." Adobe Reader y Acrobat v7.x anteriores a v7.1.4, 8.x anteriores a v8.1.7 y v9.x anteriores a v9.2 en Unix, cuando el modo Debug está activado, permite a atacantes ejecutar código de su elección a través de vectores de ataque sin especificar, relacionados con un "bug" (error o fallo de diseño) de form... • http://securitytracker.com/id?1023007 •