CVE-2010-1297

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted SW...

CVE-2010-1297

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via crafted SW...

Adobe Flash Player authplay.dll Component Code Execution (APSA10-01; CVE-2010-1297)

The Adobe Flash Player is a multimedia and application player that renders Shockwave Flash SWF files. A remote code execution vulnerability has been reported in Adobe Flash Player. The vulnerability is due to the authplay.dll component that ships with Adobe Reader and Acrobat 9.x. A remote attack...

Adobe Flash Player, Reader, and Acrobat 'authplay.dll' Remote Code Execution Vulnerability

Description Adobe Flash Player, Reader, and Acrobat are prone to a remote code execution vulnerability. Adobe reports that this vulnerability is being exploited in the wild. This vulnerability is present in the following versions: Flash Player 10.0.45.2, 9.0.262, and earlier Flash Player 10.0.x a...

RHEL 4 / 5 : acroread (RHSA-2010:0349)

Updated acroread packages that fix several security issues are now available for Red Hat Enterprise Linux 4 Extras and Red Hat Enterprise Linux 5 Supplementary. The Red Hat Security Response Team has rated this update as having critical security impact. Common Vulnerability Scoring System CVSS ba...

Main PHP-Nuke Site Compromised

The main site for the PHP-Nuke content management system software has been compromised and is serving malicious iFrame exploits to visitors. Researchers at Websense found that the phpnuke.org site is currently serving several different exploits. The attack uses the common iFrame-redirection...

Foxit Launches 'Safe Mode' to Counter PDF Attacks

Foxit Corp has added new security features to its alternative PDF reader software to help thwart recent malware attacks that exploit the “/launch” feature. With Foxit PDF Reader Version 3.3, the company has added a Safe Mode that blocks external commands from being executed by the software. The...

Researcher: 'MS Should Have Simple PDF Viewer'

Microsoft should add a basic PDF viewer to Windows to help protect users from the spike in attacks exploiting bugs in Adobe’s Reader, said a security researcher. Read the full article. Computerworld...

VulnCheck KEV: CVE-2010-0188

Unspecified vulnerability in Adobe Reader and Acrobat allows attackers to cause a denial of service or possibly execute arbitrary code...

VulnCheck KEV: CVE-2006-6027

Adobe Reader Adobe Acrobat Reader 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the LoadFile method in an AcroPDF ActiveX control...

Adobe - 'Doc.media.newPlayer' Use-After-Free (Metasploit) (1)

$Id: adobemedianewplayer.rb 9179 2010-04-30 08:40:19Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

Buffer overflow

Buffer overflow in the Atlcom.getatlcom ActiveX control in gp.ocx in Adobe Download Manager, as used in Adobe Reader and Acrobat 8.x before 8.2 and 9.x before 9.3, allows remote attackers to execute arbitrary code via unspecified parameters...

CVE-2010-1278

CVE-2010-1278 describes a buffer overflow in the gp.ocx ActiveX control (Atlcom.get_atlcom) used by Adobe Download Manager, affecting Adobe Reader/Acrobat 8.x before 8.2 and 9.x before 9.3. During initialization, two parameters are copied into a fixed-length buffer; oversized values can overflow ...

VUPEN Security Research - Adobe Acrobat and Reader GIF Data Buffer Overflow Vulnerability

VUPEN Security Research - Adobe Acrobat and Reader GIF Data Buffer Overflow Vulnerability http://www.vupen.com/english/research.php I. BACKGROUND --------------------- "Adobe Acrobat and Reader are the global standards for electronic document sharing. They are used to create, view, search,...

Security update available for Adobe Reader and Acrobat

Security update available for Adobe Reader and Acrobat Release date: April 13, 2010 Vulnerability identifier: APSB10-09 CVE numbers: CVE-2010-0190, CVE-2010-0191, CVE-2010-0192, CVE-2010-0193, CVE-2010-0194, CVE-2010-0195, CVE-2010-0196, CVE-2010-0197, CVE-2010-0198, CVE-2010-0199, CVE-2010-0201,...

Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities - Linux

Adobe Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

Adobe Acrobat and Reader PDF Handling Multiple Vulnerabilities - Windows

Adobe Reader/Acrobat is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Java Zero-Day Attacks In The Wild

Just days after Google researcher Tavis Ormandy released details on a dangerous new Java vulnerability, malicious hackers have pounced and are exploiting the flaw in the wild to launch drive-by download attacks. Virus hunters have spotted the attacks on a popular song lyrics Web site. Any visitor...

CVE-2010-0202

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0203...

CVE-2010-0204

Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to cause a denial of service memory corruption or execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0194, CVE-2010-0197, and CVE-2010-0201...