Code injection

Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors...

Heap overflow

Multiple heap-based buffer overflows in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors...

Input validation

An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 does not properly validate input, which allows attackers to cause a denial of service via unknown vectors...

Design/Logic Flaw

The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the 1 Privileged Context and 2 Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and...

Buffer overflow

Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors...

Code injection

Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and Acrobat 8.x before 8.1.7, and possibly 7.x before 7.1.4 and 9.x before 9.2, might allow remote attackers to execute arbitrary code via unknown vectors...

Input validation

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2998...

Design/Logic Flaw

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug."...

CVE-2009-2991

Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and Acrobat 8.x before 8.1.7, and possibly 7.x before 7.1.4 and 9.x before 9.2, might allow remote attackers to execute arbitrary code via unknown vectors...

Memory corruption

Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allow attackers to cause a denial of service memory corruption or possibly execute arbitrary code via unspecified vectors...

CVE-2009-2990

Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors...

CVE-2009-2991

Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and Acrobat 8.x before 8.1.7, and possibly 7.x before 7.1.4 and 9.x before 9.2, might allow remote attackers to execute arbitrary code via unknown vectors...

CVE-2009-2993

The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the 1 Privileged Context and 2 Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and...

CVE-2009-2994

Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors...

CVE-2009-2980

CVE-2009-2980 concerns an integer overflow in Adobe Reader/Acrobat across multiple lines of versions (7.x up to 7.1.4, 8.x up to 8.1.7, 9.x up to 9.2) that can lead to denial of service or potentially remote code execution via unspecified vectors. Publicly documented details show affected product...

CVE-2009-2997

CVE-2009-2997 is an Adobe Reader/Acrobat U3D heap overflow vulnerability. Multiple SAINT records (e.g., C6D7B175C464FAAED01654B48ACA5121) describe a heap memory corruption due to an input validation error while parsing Universal 3D (U3D) files, specifically in the CLODMeshDeclaration block. Resol...

CVE-2009-2992

CVE-2009-2992 refers to an unspecified ActiveX control in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 that fails to properly validate input, enabling a denial of service via unknown vectors. Connected documents confirm this as a real vulnerability amo...

CVE-2009-2991

Technical details about CVE-2009-2991 are not publicly provided in the supplied documents. Monitor for updates.

CVE-2009-2982

Public technical details (affected products, exact root cause, exploit vectors) for CVE-2009-2982 are not provided in the connected documents. Monitor for forthcoming updates.

CVE-2009-2980

Integer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors...