National Vulnerability Database

National Vulnerability Database

National Vulnerability

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:adobe:acrobat:3.1
There are 424 matching records.
Displaying matches 421 through 424.
Vuln ID Summary CVSS Severity

Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long sequence of # (hash) characters appended to a PDF URL, related to a "cross-site scripting issue."

Published: January 03, 2007; 04:28:00 PM -05:00
    V2: 5.0 MEDIUM

Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering.

Published: December 31, 2006; 12:00:00 AM -05:00
    V2: 9.3 HIGH

Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure file and directory permissions, which allows local users to gain privileges by overwriting program files.

Published: July 12, 2006; 06:05:00 PM -04:00
    V2: 4.6 MEDIUM

Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group, which allows local users to gain privileges via Trojan horse programs.

Published: February 02, 2006; 06:02:00 AM -05:00
    V2: 4.6 MEDIUM