National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): Adobe reader
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 1,718 matching records.
Displaying matches 1661 through 1680.
Vuln ID Summary CVSS Severity
CVE-2008-4817

The Download Manager in Adobe Acrobat Professional and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that calls an AcroJS function with a long string argument, triggering heap corruption.

Published: November 05, 2008; 10:00:14 AM -05:00
    V2: 9.3 HIGH
CVE-2008-4816

Unspecified vulnerability in the Download Manager in Adobe Reader 8.1.2 and earlier on Windows allows remote attackers to change Internet Security options on a client machine via unknown vectors.

Published: November 05, 2008; 10:00:14 AM -05:00
    V2: 4.3 MEDIUM
CVE-2008-4815

Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.2 and earlier on Unix and Linux allows attackers to gain privileges via a Trojan Horse program in an unspecified directory that is associated with an insecure RPATH.

Published: November 05, 2008; 10:00:14 AM -05:00
    V2: 7.5 HIGH
CVE-2008-4814

Unspecified vulnerability in a JavaScript method in Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allows remote attackers to execute arbitrary code via unknown vectors, related to an "input validation issue."

Published: November 05, 2008; 10:00:14 AM -05:00
    V2: 9.3 HIGH
CVE-2008-4813

Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allow remote attackers to execute arbitrary code via a crafted PDF document that (1) performs unspecified actions on a Collab object that trigger memory corruption, related to a GetCosObj method; or (2) contains a malformed PDF object that triggers memory corruption during parsing.

Published: November 05, 2008; 10:00:14 AM -05:00
    V2: 9.3 HIGH
CVE-2008-4812

Array index error in Adobe Reader and Acrobat, and the Explorer extension (aka AcroRd32Info), 8.1.2, 8.1.1, and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that triggers an out-of-bounds write, related to parsing of Type 1 fonts.

Published: November 05, 2008; 10:00:14 AM -05:00
    V2: 9.3 HIGH
CVE-2008-2992

Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104.

Published: November 04, 2008; 01:29:47 PM -05:00
    V2: 9.3 HIGH
CVE-2008-2641

Unspecified vulnerability in Adobe Reader and Acrobat 7.0.9 and earlier, and 8.0 through 8.1.2, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to an "input validation issue in a JavaScript method."

Published: June 25, 2008; 08:36:00 AM -04:00
    V2: 10.0 HIGH
CVE-2008-2549

Adobe Acrobat Reader 8.1.2 and earlier, and before 7.1.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed PDF document, as demonstrated by 2008-HI2.pdf.

Published: June 04, 2008; 03:32:00 PM -04:00
    V2: 4.3 MEDIUM
CVE-2008-0883

acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling.

Published: March 05, 2008; 07:44:00 PM -05:00
    V2: 3.7 LOW
CVE-2008-0726

Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption.

Published: February 12, 2008; 03:00:00 PM -05:00
    V2: 9.3 HIGH
CVE-2007-5659

Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods. NOTE: this issue might be subsumed by CVE-2008-0655.

Published: February 12, 2008; 02:00:00 PM -05:00
    V2: 9.3 HIGH
CVE-2007-5663

Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via a crafted PDF file that calls an insecure JavaScript method in the EScript.api plug-in. NOTE: this issue might be subsumed by CVE-2008-0655.

Published: February 12, 2008; 02:00:00 PM -05:00
    V2: 9.3 HIGH
CVE-2007-5666

Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.1 and earlier allows local users to execute arbitrary code via a malicious Security Provider library in the reader's current working directory. NOTE: this issue might be subsumed by CVE-2008-0655.

Published: February 12, 2008; 02:00:00 PM -05:00
    V2: 6.2 MEDIUM
CVE-2008-0667

The DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2, allows remote attackers to configure silent non-interactive printing, and trigger the printing of an arbitrary number of copies of a document. NOTE: this issue might be subsumed by CVE-2008-0655.

Published: February 11, 2008; 04:00:00 PM -05:00
    V2: 4.3 MEDIUM
CVE-2008-0655

Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors.

Published: February 07, 2008; 04:00:00 PM -05:00
    V2: 9.3 HIGH
CVE-2007-3896

The URL handling in Shell32.dll in the Windows shell in Microsoft Windows XP and Server 2003, with Internet Explorer 7 installed, allows remote attackers to execute arbitrary programs via invalid "%" sequences in a mailto: or other URI handler, as demonstrated using mIRC, Outlook, Firefox, Adobe Reader, Skype, and other applications. NOTE: this issue might be related to other issues involving URL handlers in Windows systems, such as CVE-2007-3845. There also might be separate but closely related issues in the applications that are invoked by the handlers.

Published: October 10, 2007; 08:17:00 PM -04:00
    V2: 9.3 HIGH
CVE-2007-5020

Unspecified vulnerability in Adobe Acrobat and Reader 8.1 on Windows allows remote attackers to execute arbitrary code via a crafted PDF file, related to the mailto: option and Internet Explorer 7 on Windows XP. NOTE: this information is based upon a vague pre-advisory by a reliable researcher.

Published: September 21, 2007; 02:17:00 PM -04:00
    V2: 9.3 HIGH
CVE-2007-1377

AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236.

Published: March 09, 2007; 07:19:00 PM -05:00
    V2: 5.0 MEDIUM
CVE-2007-1199

Adobe Reader and Acrobat Trial allow remote attackers to read arbitrary files via a file:// URI in a PDF document, as demonstrated with <</URI(file:///C:/)/S/URI>>, a different issue than CVE-2007-0045.

Published: March 02, 2007; 04:18:00 PM -05:00
    V2: 4.3 MEDIUM