National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Contains Software Flaws (CVE)
  • CPE Product Version: cpe:/a:adobe:acrobat_reader:-::~~classic~~~
There are 144 matching records.
Displaying matches 101 through 120.
Vuln ID Summary CVSS Severity
CVE-2009-2998

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-3458.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 9.3 HIGH
CVE-2009-2997

Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 9.3 HIGH
CVE-2009-2996

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2985.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 9.3 HIGH
CVE-2009-2994

Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 9.3 HIGH
CVE-2009-2993

The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. NOTE: some of these details are obtained from third party information.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 9.3 HIGH
CVE-2009-2992

An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 does not properly validate input, which allows attackers to cause a denial of service via unknown vectors.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 4.3 MEDIUM
CVE-2009-2991

Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and Acrobat 8.x before 8.1.7, and possibly 7.x before 7.1.4 and 9.x before 9.2, might allow remote attackers to execute arbitrary code via unknown vectors.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 9.3 HIGH
CVE-2009-2990

Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 9.3 HIGH
CVE-2009-2987

Unspecified vulnerability in an ActiveX control in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Windows allows remote attackers to cause a denial of service via unknown vectors.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 4.3 MEDIUM
CVE-2009-2986

Multiple heap-based buffer overflows in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 9.3 HIGH
CVE-2009-2985

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2996.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 9.3 HIGH
CVE-2009-2983

Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 9.3 HIGH
CVE-2009-2982

An unspecified certificate in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow remote attackers to conduct a "social engineering attack" via unknown vectors.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 9.3 HIGH
CVE-2009-2981

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to bypass intended Trust Manager restrictions via unspecified vectors.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 9.3 HIGH
CVE-2009-2980

Integer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 9.3 HIGH
CVE-2009-2979

Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 do not properly perform XMP-XML entity expansion, which allows remote attackers to cause a denial of service via a crafted document.

Published: October 19, 2009; 06:30:00 PM -04:00
    V2: 4.3 MEDIUM
CVE-2009-3459

Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information.

Published: October 13, 2009; 06:30:00 AM -04:00
    V2: 9.3 HIGH
CVE-2009-1062

Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to trigger memory corruption and possibly execute arbitrary code via unknown attack vectors related to JBIG2, a different vulnerability than CVE-2009-0193 and CVE-2009-1061.

Published: March 24, 2009; 09:30:00 PM -04:00
    V2: 9.3 HIGH
CVE-2009-0928

Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table.

Published: March 24, 2009; 09:30:00 PM -04:00
    V2: 10.0 HIGH
CVE-2008-4817

The Download Manager in Adobe Acrobat Professional and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that calls an AcroJS function with a long string argument, triggering heap corruption.

Published: November 05, 2008; 10:00:14 AM -05:00
    V2: 9.3 HIGH