) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- CPE Product Version: cpe:/a:adobe:acrobat:11.0.8
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2014-8457 |
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8460 and CVE-2014-9159. Published: December 10, 2014; 4:59:28 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2014-8456 |
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158. Published: December 10, 2014; 4:59:27 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2014-8455 |
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8454 and CVE-2014-9165. Published: December 10, 2014; 4:59:26 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2014-8454 |
Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8455 and CVE-2014-9165. Published: December 10, 2014; 4:59:25 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2014-8453 |
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to bypass the Same Origin Policy via unspecified vectors. Published: December 10, 2014; 4:59:24 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2014-8452 |
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow remote attackers to read arbitrary files via an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. Published: December 10, 2014; 4:59:23 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2014-8451 |
An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2014-8448. Published: December 10, 2014; 4:59:22 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2014-8449 |
Integer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors. Published: December 10, 2014; 4:59:21 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2014-8448 |
An unspecified JavaScript API in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to obtain sensitive information via unknown vectors, a different vulnerability than CVE-2014-8451. Published: December 10, 2014; 4:59:20 PM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
| CVE-2014-8447 |
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158. Published: December 10, 2014; 4:59:20 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2014-8446 |
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158. Published: December 10, 2014; 4:59:19 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2014-8445 |
Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE-2014-8458, CVE-2014-8459, CVE-2014-8461, and CVE-2014-9158. Published: December 10, 2014; 4:59:18 PM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2014-9150 |
Race condition in the MoveFileEx call hook feature in Adobe Reader and Acrobat 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently write to files in arbitrary locations, via an NTFS junction attack, a similar issue to CVE-2014-0568. Published: November 29, 2014; 9:59:00 PM -0500 |
V3.x:(not available) V2.0: 6.4 MEDIUM |
| CVE-2014-0568 |
The NtSetInformationFile system call hook feature in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows allows attackers to bypass a sandbox protection mechanism, and consequently execute native code in a privileged context, via an NTFS junction attack. Published: September 17, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2014-0567 |
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0561. Published: September 17, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2014-0566 |
Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0565. Published: September 17, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2014-0565 |
Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-0566. Published: September 17, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |
| CVE-2014-0563 |
Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allow attackers to cause a denial of service (memory corruption) via unspecified vectors. Published: September 17, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
| CVE-2014-0562 |
Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)." Published: September 17, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
| CVE-2014-0561 |
Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0567. Published: September 17, 2014; 6:55:06 AM -0400 |
V3.x:(not available) V2.0: 10.0 HIGH |