Adobe Reader < 9.3.2 / 8.2.2 Multiple Vulnerabilities (APSB10-09)

The version of Adobe Reader installed on the remote host is earlier than 9.3.2 / 8.2.2. Such versions are reportedly affected by multiple vulnerabilities : - A cross-site scripting issue could lead to code execution. CVE-2010-0190 - A prefix protocol handler vulnerability could lead to code...

Adobe Reader PDF Handling Code Execution Vulnerability (Windows)

This host is installed with Adobe Reader and is prone to arbitrary code execution vulnerability. OpenVAS Vulnerability Test $Id: gbadobereaderexecodeexecvulnwin.nasl 8210 2017-12-21 10:26:31Z cfischer $ Adobe Reader PDF Handling Code Execution Vulnerability Windows Authors: Antu Sanadi Copyright:...

Adobe Reader PDF Handling Denial Of Service Vulnerability - Linux

Adobe Reader is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Adobe Reader PDF Handling Multiple Vulnerabilities - Windows

Adobe Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

Adobe Reader PDF Handling Code Execution Vulnerability - Windows

Adobe Reader is prone to an arbitrary code execution vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

CVE-2010-1240

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PD...

CVE-2009-4764

Adobe Reader 8.x and 9.x on Windows is able to execute EXE files that are embedded in a PDF document, which makes it easier for remote attackers to trick users into executing arbitrary code via a crafted document...

Code injection

Adobe Reader 8.x and 9.x on Windows is able to execute EXE files that are embedded in a PDF document, which makes it easier for remote attackers to trick users into executing arbitrary code via a crafted document...

Open redirect

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PD...

Heap overflow

Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted PDF document, aka FG-VD-10-005...

CVE-2010-1240

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PD...

CVE-2009-4764

Adobe Reader 8.x and 9.x on Windows is able to execute EXE files that are embedded in a PDF document, which makes it easier for remote attackers to trick users into executing arbitrary code via a crafted document...

CVE-2010-1241

Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted PDF document, aka FG-VD-10-005...

CVE-2010-1241

The CVE-2010-1241 issue is a heap-based buffer overflow in Adobe Reader/Acrobat’s custom heap management in 9.x (before 9.3.2) and 8.x (before 8.2.2) on Windows/macOS, leading to remote code execution or memory corruption via crafted PDFs. Public advisories (including Red Hat RHSA-2010:0349 and G...

CVE-2010-1240

CVE-2010-1240 affects Adobe Reader/Acrobat prior to 9.3.3 and 8.2.3 on Windows/Mac, due to improper restriction of a text field in the Launch File warning dialog that can be exploited via a crafted PDF to trigger arbitrary code execution. The connected exploit repository illustrates a PoC demonst...

Foxit Fixes PDF Executable Problem

Foxit on Friday released an update to fix the problem with PDF readers running executables without users’ permission. The problem, which was identified and publicized by Didier Stevens earlier this week, still exists in Adobe Reader. The Foxit security update fixes a problem in the reader in whic...

Adobe Reader - Escape From .PDF Execute Embedded Executable

Adobe Reader - Escape From .PDF Execute Embedded Executable Title : Escape From PDF Author : Didier Stevens Date : 03/29/2010 Source : http://blog.didierstevens.com/2010/03/29/escape-from-pdf/ This is a special PDF hack: I managed to make a PoC PDF to execute an embedded executable without...

Adobe Reader - Escape From &#039;.PDF&#039; Execute Embedded Executable

Title : Escape From PDF Author : Didier Stevens Date : 03/29/2010 Source : http://blog.didierstevens.com/2010/03/29/escape-from-pdf/ This is a special PDF hack: I managed to make a PoC PDF to execute an embedded executable without exploiting any vulnerability! I use a launch action triggered by t...

Hacker Finds a Way to Exploit PDF Files, Without Vulnerability

SEE: Updated report with response from Adobe and FoxIt Software A security researcher has managed to create a proof-of-concept PDF file that executes an embedded executable without exploiting any security vulnerabilities. The PDF hack, when combined with clever social engineering techniques, coul...

Malware PDF Spreads Via World Cup Emails

Researchers are reporting on an ongoing targeted malware campaign using a FIFA World Cup 2010 theme, in an attempt to trick end users into executing a malicious PDF file, exploiting a recently patched flaw in Adobe Reader. Read the full article. ZDNet...