CVSS: 9.3EPSS: 97%CPEs: 78EXPL: 2CVE-2009-3459 – Adobe - FlateDecode Stream Predictor 02 Integer Overflow
https://notcve.org/view.php?id=CVE-2009-3459
13 Oct 2009 — Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information. Un Desbordamiento de búfer en la región heap de la memoria en Adobe Reader y Acrobat versión 7.x anterior a versión 7.1.4, versión 8.x anterior a 8.1.7, y versión 9.x anterior a 9.2, ... • https://www.exploit-db.com/exploits/16546 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 6%CPEs: 50EXPL: 0CVE-2009-2985 – Adobe Reader Compact Font Format Malformed Index Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2009-2985
13 Oct 2009 — Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2996. Adobe Reader y Acrobat v7.x anteriores a v7.1.4, v8.x anteriores a v8.1.7 y v9.x anteriores a v9.2 permite a atacantes provocar una denegación de servicio (consumo de memoria) o probablemente ejecutar código de su elección mediante vectores no especificados, si... • http://securitytracker.com/id?1023007 • CWE-399: Resource Management Errors •
CVSS: 8.1EPSS: 22%CPEs: 85EXPL: 2CVE-2009-3431 – Adobe Acrobat 9.1.3 - Stack Exhaustion Denial of Service
https://notcve.org/view.php?id=CVE-2009-3431
25 Sep 2009 — Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1.2, 9.1.1, and earlier 9.x versions; 8.1.6 and earlier 8.x versions; and possibly 7.1.4 and earlier 7.x versions allows remote attackers to cause a denial of service (application crash) via a PDF file with a large number of [ (open square bracket) characters in the argument to the alert method. NOTE: some of these details are obtained from third party information. Una vulnerabilidad de consumo de pila en Reader y Acrobat de Adobe versione... • https://www.exploit-db.com/exploits/33017 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 64%CPEs: 4EXPL: 0CVE-2009-1862 – Adobe Acrobat and Reader, Flash Player Unspecified Vulnerability
https://notcve.org/view.php?id=CVE-2009-1862
23 Jul 2009 — Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009. Vulnerabilidad sin especificar en Adobe Reader , Acrobat de la v9.x a la v9.1.2 y Adobe Flash Player v9.x a la v9.0.159.0 y... • http://blogs.adobe.com/psirt/2009/07/potential_adobe_reader_and_fla.html • CWE-787: Out-of-bounds Write •
CVSS: 7.3EPSS: 0%CPEs: 4EXPL: 5CVE-2009-2564 – Adobe 9.x Related Service - 'getPlus_HelperSvc.exe' Local Privilege Escalation
https://notcve.org/view.php?id=CVE-2009-2564
21 Jul 2009 — NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. NOTE: within Adobe Reader, the scope of this issue is... • https://www.exploit-db.com/exploits/9199 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 41%CPEs: 83EXPL: 0CVE-2009-1856 – acroread: multiple security fixes in version 8.1.6 (APSB09-07)
https://notcve.org/view.php?id=CVE-2009-1856
11 Jun 2009 — Integer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows attackers to cause a denial of service or possibly execute arbitrary code via a PDF file containing unspecified parameters to the FlateDecode filter, which triggers a heap-based buffer overflow. Un desbordamiento entero en Reader versión 7 y Acrobat versiones 7 anteriores a 7.1.3 de Adobe, Reader versión 8 y Acrobat versiones 8 anteriores a 8.1.6 de A... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=807 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 0%CPEs: 83EXPL: 0CVE-2009-1857 – acroread: multiple security fixes in version 8.1.6 (APSB09-07)
https://notcve.org/view.php?id=CVE-2009-1857
11 Jun 2009 — Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a PDF document with a crafted TrueType font. Reader versión 7 y Acrobat versiones 7 anteriores a 7.1.3 de Adobe, Reader versión 8 y Acrobat versiones 8 anteriores a 8.1.6 y Reader versión 9 y Acrobat versiones 9 anteriores a 9.1.2 de Adobe, permite a los atacantes causar una ... • http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 64%CPEs: 83EXPL: 0CVE-2009-1858 – acroread: multiple security fixes in version 8.1.6 (APSB09-07)
https://notcve.org/view.php?id=CVE-2009-1858
11 Jun 2009 — The JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors that trigger memory corruption. El filtro JBIG2 en Adobe Reader v7 y Acrobat v7 anterior a v7.1.3, Adobe Reader v8 y Acrobat 8 anterior a v8.1.6, y Adobe Reader v9 y Acrobat 9 anterior a v9.1.2, permitiría a atacantes remotos ejecutar código arbitrario a través de vectores inespec... • http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 10%CPEs: 83EXPL: 0CVE-2009-1859 – acroread: multiple security fixes in version 8.1.6 (APSB09-07)
https://notcve.org/view.php?id=CVE-2009-1859
11 Jun 2009 — Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption. Adobe Reader v7 y Acrobat v7 anteriores a v7.1.3, Adobe Reader v8 y Acrobat v8 anteriores a v8.1.6, y Adobe Reader v9 y Acrobat v9 anteriores a v9.1.2 podría permitir a atacantes ejecutar código arbitrario a través de vectores inespecíficos que inician la corrupción de la mem... • http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 77%CPEs: 83EXPL: 0CVE-2009-1861 – acroread: multiple security fixes in version 8.1.6 (APSB09-07)
https://notcve.org/view.php?id=CVE-2009-1861
11 Jun 2009 — Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file with a JPX (aka JPEG2000) stream that triggers heap memory corruption. Múltiples desbordamientos de búfer basados en memoria dinámica en Adobe Reader v7 y Acrobat v7 anteriores a v7.1.3, Adobe Reader v8 y Acrobat ... • http://lists.opensuse.org/opensuse-security-announce/2009-07/msg00000.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •