Lucene search
K

5961 matches found

seebug.org
seebug.org
added 2008/03/06 12:0 a.m.29 views

Adobe Acrobat Reader acroread创建不安全临时文件漏洞

BUGTRAQ ID: 28091 CVECAN ID: CVE-2008-0883 Acrobat Reader是一款流行的PDF文件阅读器。 Adobe Reader的acroread脚本在处理installCertificate选项时没有安全地处理临时文件,这允许本地攻击者通过符号链接攻击结合竞争条件覆盖或删除任意文件。 Adobe Acrobat Reader 8.1.2 厂商补丁: Adobe ----- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://support.novell.com/linux/psdb/sources.html...

3.7CVSS6.3AI score0.0077EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2008/03/04 12:0 a.m.39 views

GLSA-200803-01 : Adobe Acrobat Reader: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200803-01 Adobe Acrobat Reader: Multiple vulnerabilities Multiple vulnerabilities have been discovered in Adobe Acrobat Reader, including: A file disclosure when using file:// in PDF documents CVE-2007-1199 Multiple buffer overflo...

9.3CVSS7.9AI score0.94222EPSS
Exploits11References8
Tenable Nessus
Tenable Nessus
added 2008/02/27 12:0 a.m.18 views

SuSE 10 Security Update : acroread (ZYPP Patch Number 5042)

Adobe Acrobat Reader 8.1.2 contained a /tmp race in its 'acroread' wrapper script in the SSL certificate handling. CVE-2008-0883 Furthermore it contained several duplicated copies of system libraries, which have been removed for this update to make sure they are up-to-date security wise by using...

3.7CVSS5.4AI score0.0077EPSS
Exploits1References2
RedHat Linux
RedHat Linux
added 2008/02/22 4:57 p.m.1 views

acroread: silent print vulnerability

The DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2, allows remote attackers to configure silent non-interactive printing, and trigger the printing of an arbitrary number of copies of a document. NOTE: this issue might be subsumed by CVE-2008-0655...

4.3CVSS5.9AI score0.06914EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2008/02/22 4:57 p.m.3 views

Acrobat Reader Universal CSRF and session riding

Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the 1 FDF, 2 xml, and 3 xfdf AJAX request parameters, following the hash character, aka...

4.3CVSS5.9AI score0.55472EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2008/02/20 12:0 a.m.35 views

SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 5010)

This version update to 8.1.2 fixes numerous bugs, including some security problems. CVE-2008-0667 / CVE-2008-0655 / CVE-2008-0726 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The text description of this plugin is C Novell, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if...

9.3CVSS5.3AI score0.36844EPSS
Exploits2References6
Tenable Nessus
Tenable Nessus
added 2007/12/13 12:0 a.m.53 views

SuSE 10 Security Update : acroread (ZYPP Patch Number 2508)

The Adobe Acrobat Reader has been updated to version 7.0.9. This update also includes following security fixes : - A memory corruption problem was fixed in Adobe Acrobat Reader can potentially lead to code execution. CVE-2006-5857 - Universal cross-site request forgery CSRF problems were fixed in...

9.3CVSS8.5AI score0.55677EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2007/12/13 12:0 a.m.43 views

SuSE 10 Security Update : acroread_ja (ZYPP Patch Number 2545)

The Adobe Acrobat Reader Japanese version has been updated to version 7.0.9. This update also includes following security fixes : - A memory corruption problem was fixed in Adobe Acrobat Reader can potentially lead to code execution. CVE-2006-5857 - Universal cross-site request forgery CSRF...

9.3CVSS8.5AI score0.55677EPSS
Exploits4References8
Check Point Advisories
Check Point Advisories
added 2007/10/31 12:0 a.m.7 views

Microsoft Windows ShellExecute and IE7 URL Handling Code Execution (MS07-061; CVE-2007-3896)

Microsoft Internet Explorer is the most widely used Internet browser. A remote code execution vulnerability has been reported in Microsoft Windows Internet Explorer 7. The vulnerability occurs when Windows does not correctly handle specially crafted URLs or URIs that are passed to it. There are a...

9.3CVSS7.2AI score0.53831EPSS
Exploits7
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.34 views

openSUSE 10 Security Update : acroread (acroread-1690)

Various unspecified security problems have been fixed in Acrobat Reader version 7.0.8 CVE-2006-3093, contained in this update. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update acroread-1690. Th...

6.8CVSS5.4AI score0.0603EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/10/17 12:0 a.m.39 views

openSUSE 10 Security Update : acroread (acroread-2506)

The Adobe Acrobat Reader has been updated to version 7.0.9. This update also includes following security fixes : CVE-2006-5857: A memory corruption problem was fixed in Adobe Acrobat Reader can potentially lead to code execution. CVE-2007-0044: Universal Cross Site Request Forgery CSRF problems...

9.3CVSS8.1AI score0.55677EPSS
Exploits5References6
Packet Storm
Packet Storm
added 2007/10/06 12:0 a.m.30 views

urihandlexp.txt

Hello, the URI handling problem on Windows XP systems with IE 7 installed hits a lot of applications, not only Firefox and mIRC -- namely Skype, Acrobat Reader, Miranda, Netscape. To recap: with the installation of IE 7 Microsoft changes the handling of URLs that are passed to the operating syste...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2007/10/05 12:0 a.m.10 views

Microsoft Windows - URI Handler Command Execution

Microsoft Windows - URI Handler Command Execution source: https://www.securityfocus.com/bid/25945/info Microsoft Windows XP and Server 2003 with Internet Explorer 7 is prone to a command-execution vulnerability because it fails to properly sanitize input. Successfully exploiting this issue allows...

7.6AI score
Exploits0
Symantec
Symantec
added 2007/10/05 12:0 a.m.61 views

Microsoft Windows URI Handler Command Execution Vulnerability

Description Microsoft Windows XP and Server 2003 with Internet Explorer 7 is prone to a command-execution vulnerability because it fails to properly sanitize input. Successfully exploiting this issue allows remote attackers to execute arbitrary commands in the context of users that follow malicio...

9.3CVSS0.8AI score0.53831EPSS
Exploits7References4Affected Software4
Exploit DB
Exploit DB
added 2007/10/05 12:0 a.m.27 views

Microsoft Windows - URI Handler Command Execution

source: https://www.securityfocus.com/bid/25945/info Microsoft Windows XP and Server 2003 with Internet Explorer 7 is prone to a command-execution vulnerability because it fails to properly sanitize input. Successfully exploiting this issue allows remote attackers to execute arbitrary commands in...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/03/10 12:0 a.m.36 views

Acrobat Reader plugin DoS

Request to PDF file with large number of n causes CPU and memory exhaustion...

5CVSS2.1AI score0.19612EPSS
Exploits1Affected Software1
seebug.org
seebug.org
added 2007/03/09 12:0 a.m.19 views

Adobe Acrobat/Adobe Reader信息泄露漏洞

Adobe Acrobat和Adobe Reader都是非常流行的PDF文件阅读器。 Adobe Reader或Adobe Acrobat打开恶意PDF文件时可能会启动file:// URL,这可能导致读取系统上的任意文件并发送给攻击者。 Adobe Acrobat Professional 8.0.0 Adobe Adobe Reader Professional 8.0.0 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.adobe.com...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/02/18 12:0 a.m.34 views

SUSE-SA:2007:011: acroread

The remote host is missing the patch for the advisory SUSE-SA:2007:011 acroread. The Adobe Acrobat Reader has been updated to version 7.0.9. This update also includes following security fixes: CVE-2006-5857: A memory corruption problem was fixed in Adobe Acrobat Reader can potentially lead to cod...

9.3CVSS8.3AI score0.55677EPSS
Exploits4
Tenable Nessus
Tenable Nessus
added 2007/01/26 12:0 a.m.35 views

GLSA-200701-16 : Adobe Acrobat Reader: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200701-16 Adobe Acrobat Reader: Multiple vulnerabilities Adobe Acrobat Reader in stand-alone mode is vulnerable to remote code execution via heap corruption when loading a specially crafted PDF file. The browser plugin released wi...

9.3CVSS8.7AI score0.55677EPSS
Exploits5References6
RedHat Linux
RedHat Linux
added 2007/01/22 7:40 p.m.1 views

security flaw

Multiple cross-site scripting XSS vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770...

4.3CVSS5.8AI score0.4526EPSS
Exploits2References4
Rows per page
Query Builder