6684 matches found
CVE-2006-5857
Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering...
[Full-disclosure] Adobe Reader Remote Heap Memory Corruption - Subroutine Pointer Overwrite
Adobe Reader Remote Heap Memory Corruption - Subroutine Pointer Overwrite by Piotr Bania [email protected] http://www.piotrbania.com Orginal url: http://www.piotrbania.com/all/adv/adobe-acrobat-adv.txt Severity: Critical - Possible remote code execution. CVE ID: CVE-2006-5857 Time line:...
Adobe Reader buffer overflow
Heap buffer overflow on PDF parsing...
Adobe Reader < 6.0.6 / 7.0.9 Multiple Vulnerabilities
The version of Adobe Reader installed on the remote host is earlier than 7.0.9 / 8.0 and is, therefore, reportedly affected by several security issues, including one that can lead to arbitrary code execution when processing a malicious PDF file. C Tenable Network Security, Inc. include"compat.inc...
Adobe reader plugin PDF files universal crossite scripting
By using URIs like http://path/to/pdf/file.pdfwhatevernameyouwant=javascript:yourcodehere it's possible to execute code in context of any Web site where at least one PDF is stored. 2. By using "trigger action" in PDF document it's possible to execute code in context of the web page where...
Adobe Reader 9.1.3 Plugin - Cross-Site Scripting
Adobe Reader 9.1.3 Plugin - Cross-Site Scripting source: https://www.securityfocus.com/bid/21858/info Adobe Reader Plugin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary...
Adobe Reader 9.1.3 Plugin - Cross-Site Scripting
source: https://www.securityfocus.com/bid/21858/info Adobe Reader Plugin is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code execute in the browser of an...
Adobe Acrobat Plug-In cross domain violation
Overview The Adobe Acrobat Plug-In fails to properly validate user-supplied content, which may allow for cross-site scripting. Description Adobe Acrobat Reader is software designed to view Portable Document Format PDF files. Adobe also distributes the Adobe Acrobat Plug-In to allow users to view...
CVE-2006-5857
Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering...
Adobe Reader AcroPDF.DLL ActiveX控件远程拒绝服务漏洞
Adobe Reader是非常流行的PDF文件阅读器。 IE浏览器在以畸形的参数调用Adobe Reader的AcroPDF.DLL ActiveX控件时存在漏洞,远程攻击者可能利用此漏洞导致浏览器崩溃。 如果用户受骗打开了恶意的WEB页面的话,就会触发这个漏洞,导致浏览器崩溃。 Adobe Acrobat Reader 7.0.8 目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本: http://www.adobe.com !--...
Adobe Reader 7.0.8.0 AcroPDF.dll Internet Explorer Denial of Service
No description provided by source. !-- --------------------------------------------------------------------------------- Adobe Reader 7.0.8.0 AcroPDF.dll Internet Explorer Denial of Service author: shinnai mail: shinnaiatautisticidotorg site: http://shinnai.altervista.org Tested on Windows XP...
Adobe Reader 7.0.8.0 AcroPDF.dll Internet Explorer Denial of Service
Exploit for unknown platform in category dos / poc ==================================================================== Adobe Reader 7.0.8.0 AcroPDF.dll Internet Explorer Denial of Service ==================================================================== argCount = 1 arg1=String2097512, "A"...
Adobe Reader < 8.0 AcroPDF ActiveX Control Multiple Vulnerabilities
The remote host contains a version of the 'AcroPDF' ActiveX control included with Adobe Reader and Acrobat. The version of this ActiveX control on the remote host reportedly exposes several methods that fail to handle malformed arguments. If an attacker can trick a user on the affected host into...
CVE-2006-6236
Adobe Reader Adobe Acrobat Reader 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the 1 src, 2 setPageMode, 3 setLayoutMode, and 4 setNamedDest methods in an AcroPDF ActiveX control, a different set of vector...
CVE-2006-6236
Adobe Reader Adobe Acrobat Reader 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the 1 src, 2 setPageMode, 3 setLayoutMode, and 4 setNamedDest methods in an AcroPDF ActiveX control, a different set of vector...
CVE-2006-6236
Adobe Reader Adobe Acrobat Reader 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the 1 src, 2 setPageMode, 3 setLayoutMode, and 4 setNamedDest methods in an AcroPDF ActiveX control, a different set of vector...
Adobe Reader/Acrobat AcroPDF.dll ActiveX控件远程代码执行漏洞
Adobe Reader和Acrobat都是非常流行的PDF文件阅读器。 Adobe Reader和Acrobat的AcroPDF ActiveX控件没有正确处理可能的畸形参数,远程攻击者可能利用此漏洞在用户机器上执行任意指令。 AcroPDF ActiveX控件(AcroPDF.dll)没有正确地处理传送给src、setPageMode、setLayoutMode、setNamedDest和LoadFile方法的畸形参数。如果用户受骗访问了特制的web页面的话,就可能会触发内存破坏,导致执行任意指令。 Adobe Acrobat 7.0.0 - 7.0.8 Adobe Adobe...
Adobe Acrobat AcroPDF ActiveX control fails to properly handle malformed input
Overview The Adobe Acrobat AcroPDF ActiveX control fails to properly handle malformed input to its methods. This could allow an attacker to cause the application using the ActiveX control to crash. Description Adobe Acrobat and Adobe Reader provide an ActiveX control to allow applications such as...
CVE-2006-6027
Adobe Reader Adobe Acrobat Reader 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the LoadFile method in an AcroPDF ActiveX control...
CVE-2006-6027
CVE-2006-6027 affects Adobe Reader (7.0–7.0.8) via the AcroPDF ActiveX control. The issue is a memory corruption vulnerability triggered by a long argument string passed to LoadFile, allowing remote denial of service and potentially arbitrary code execution. Connected sources corroborate the vuln...