National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:adobe:acrobat:5.0:-:pro
There are 417 matching records.
Displaying matches 401 through 417.
Vuln ID Summary CVSS Severity
CVE-2009-2980

Integer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 9.3 HIGH
CVE-2009-2979

Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 do not properly perform XMP-XML entity expansion, which allows remote attackers to cause a denial of service via a crafted document.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 4.3 MEDIUM
CVE-2009-3459

Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information.

Published: October 13, 2009; 06:30:00 AM -04:00
    V2: 9.3 HIGH
CVE-2009-0928

Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table.

Published: March 24, 2009; 09:30:00 PM -04:00
    V2: 10.0 HIGH
CVE-2008-2992

Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104.

Published: November 04, 2008; 01:29:47 PM -05:00
    V2: 9.3 HIGH
CVE-2008-2042

The Javascript API in Adobe Acrobat Professional 7.0.9 and possibly 8.1.1 exposes a dangerous method, which allows remote attackers to execute arbitrary commands or trigger a buffer overflow via a crafted PDF file that invokes app.checkForUpdate with a malicious callback function.

Published: May 07, 2008; 08:20:00 PM -04:00
    V2: 9.3 HIGH
CVE-2008-0726

Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption.

Published: February 12, 2008; 03:00:00 PM -05:00
    V2: 9.3 HIGH
CVE-2007-5659

Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655.

Published: February 12, 2008; 02:00:00 PM -05:00
    V2: 9.3 HIGH
CVE-2007-5663

Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file that calls an insecure JavaScript method in the EScript.api plug-in. NOTE: this issue might be subsumed by CVE-2008-0655.

Published: February 12, 2008; 02:00:00 PM -05:00
    V2: 9.3 HIGH
CVE-2007-5666

Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 and earlier allows local users to execute arbitrary code via a malicious Security Provider library in the reader's current working directory. NOTE: this issue might be subsumed by CVE-2008-0655.

Published: February 12, 2008; 02:00:00 PM -05:00
    V2: 6.2 MEDIUM
CVE-2008-0655

Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors.

Published: February 07, 2008; 04:00:00 PM -05:00
    V2: 9.3 HIGH
CVE-2006-5857

Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering.

Published: December 31, 2006; 12:00:00 AM -05:00
    V2: 9.3 HIGH
CVE-2006-0525

Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group, which allows local users to gain privileges via Trojan horse programs.

Published: February 02, 2006; 06:02:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-2005-2470

Buffer overflow in a "core application plug-in" for Adobe Reader 5.1 through 7.0.2 and Acrobat 5.0 through 7.0.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.

Published: August 16, 2005; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2004-0629

Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and possibly other versions, allows remote attackers to execute arbitrary code via a URI for a PDF file with a null terminator (%00) followed by a long string.

Published: September 28, 2004; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2003-0284

Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus.

Published: June 16, 2003; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2002-0030

The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe.

Published: April 02, 2003; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM