Gentoo Security Advisory GLSA 200907-06 (acroread)

The remote host is missing updates announced in advisory GLSA 200907-06. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

Memory corruption

Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via 1 a crafted Flash application in a .pdf file or 2...

CVE-2009-1862

Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via 1 a crafted Flash application in a .pdf file or 2...

CVE-2009-1862

Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via 1 a crafted Flash application in a .pdf file or 2...

VulnCheck KEV: CVE-2009-1862

Adobe Acrobat and Reader and Adobe Flash Player allows remote attackers to execute code or cause denial-of-service DoS...

CVE-2009-1862

Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via 1 a crafted Flash application in a .pdf file or 2...

Adobe Flash vulnerability affects Flash Player and other Adobe products

Overview Adobe Flash contains a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Adobe Flash Player, Reader, Acrobat, and other products that include Flash support are affected. Description Adobe Flash is a widely deployed multimedi...

Code injection

NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlusHelperSvc.exe with insecure permissions Everyone:Full Control, which allows local users to...

CVE-2009-2564

NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlusHelperSvc.exe with insecure permissions Everyone:Full Control, which allows local users to...

CVE-2009-2564

NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlusHelperSvc.exe with insecure permissions Everyone:Full Control, which allows local users to...

CVE-2009-2564

CVE-2009-2564 describes a local privilege escalation in the NOS getPlus/GetPlus Download Manager used with Adobe Reader (and possibly Corel GetPlus). The core issue is that getPlus_HelperSvc.exe is installed with insecure permissions (Everyone: Full Control), which allows a local user to replace ...

Adobe Acrobat, Reader, and Flash Player Remote Code Execution Vulnerability

Description Adobe Acrobat, Reader, and Flash Player are prone to a remote code-execution vulnerability. An attacker can exploit this issue by supplying a malicious Flash '.swf' file or by embedding a malicious Flash application in a PDF file. Successful exploits may allow the attacker to execute...

openSUSE Security Update : acroread (acroread-689)

Multiple flaws in the JBIG2 decoder and the JavaScript engine of the Adobe Reader allowed attackers to crash acroread or even execute arbitrary code by tricking users into opening specially crafted PDF files. CVE-2009-0658, CVE-2009-0927, CVE-2009-0193, CVE-2009-0928, CVE-2009-1061, CVE-2009-1062...

openSUSE Security Update : acroread (acroread-689)

Multiple flaws in the JBIG2 decoder and the JavaScript engine of the Adobe Reader allowed attackers to crash acroread or even execute arbitrary code by tricking users into opening specially crafted PDF files. CVE-2009-0658, CVE-2009-0927, CVE-2009-0193, CVE-2009-0928, CVE-2009-1061, CVE-2009-1062...

GLSA-200907-06 : Adobe Reader: User-assisted execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-200907-06 Adobe Reader: User-assisted execution of arbitrary code Multiple vulnerabilities have been reported in Adobe Reader: Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in the JBIG2 filter CVE-2009-019...

Adobe Reader: User-assisted execution of arbitrary code

Background Adobe Reader is a PDF reader released by Adobe. Description Multiple vulnerabilities have been reported in Adobe Reader: Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in the JBIG2 filter CVE-2009-0198. Mark Dowd of the IBM Internet Security Systems X-Force and...

Vulnerabilities and Attack Surface

From CERT Will Dormann Two recent US-CERT Vulnerability Notes cert.org describe similar issues in the Adobe Reader and Foxit Reader PDF viewing applications. The vulnerabilities, that both applications failed to properly handle JPEG2000 JPX data streams, were discovered as part of our Vulnerabili...

RedHat Security Advisory RHSA-2009:1109

The remote host is missing updates announced in advisory RHSA-2009:1109. Adobe Reader allows users to view and print documents in Portable Document Format PDF. Multiple security flaws were discovered in Adobe Reader. A specially crafted PDF file could cause Adobe Reader to crash or, potentially,...

RedHat Security Advisory RHSA-2009:1109

The remote host is missing updates announced in advisory RHSA-2009:1109. Adobe Reader allows users to view and print documents in Portable Document Format PDF. Multiple security flaws were discovered in Adobe Reader. A specially crafted PDF file could cause Adobe Reader to crash or, potentially,...

acroread: multiple security fixes in version 8.1.6 (APSB09-07)

Stack-based buffer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via a PDF file containing a malformed U3D model file with a crafted extension block...