Adobe Acrobat Reader DC Collab Object Use-After-Free Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Acrobat Reader DC. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handli...

The vulnerability of the PDF-XChange PDF document viewing and editing program lies in the fact that operations outside the buffer are allowed in memory when processing Collab objects, allowing an attacker to execute arbitrary code.

The vulnerability of the PDF document viewing and editing software PDF-XChange lies in the fact that operations may go beyond the buffer in memory when processing Collab objects. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using a specially created malware fil...

PT-2022-4470 · Pdf Xchange · Pdf-Xchange Editor

Name of the Vulnerable Software and Affected Versions: PDF-XChange Editor affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations. User interaction is required, where the target must visit a malicious page or open a...

CVE-2022-28232

Acrobat Reader DC versions 22.001.20085 and earlier, 20.005.3031x and earlier and 17.012.30205 and earlier are affected by a use-after-free vulnerability in the processing of the collab object that could result in arbitrary code execution in the context of the current user. Exploitation of this...

CVE-2022-28232

Acrobat Reader DC versions 22.001.20085 and earlier, 20.005.3031x and earlier and 17.012.30205 and earlier are affected by a use-after-free vulnerability in the processing of the collab object that could result in arbitrary code execution in the context of the current user. Exploitation of this...

Design/Logic Flaw

Acrobat Reader DC versions 22.001.20085 and earlier, 20.005.3031x and earlier and 17.012.30205 and earlier are affected by a use-after-free vulnerability in the processing of the collab object that could result in arbitrary code execution in the context of the current user. Exploitation of this...

CVE-2022-28232 Adobe Acrobat Reader DC Collab Object Use-After-Free Information Disclosure Vulnerability

Acrobat Reader DC versions 22.001.20085 and earlier, 20.005.3031x and earlier and 17.012.30205 and earlier are affected by a use-after-free vulnerability in the processing of the collab object that could result in arbitrary code execution in the context of the current user. Exploitation of this...

CVE-2022-28232

CVE-2022-28232 affects Adobe Acrobat Reader DC and related Acrobat/Reader components. A use-after-free vulnerability in the processing of the collab object can allow arbitrary code execution in the context of the current user. Exploitation requires user interaction: a victim must open a malicious...

CVE-2022-28232 Adobe Acrobat Reader DC Collab Object Use-After-Free Information Disclosure Vulnerability

Acrobat Reader DC versions 22.001.20085 and earlier, 20.005.3031x and earlier and 17.012.30205 and earlier are affected by a use-after-free vulnerability in the processing of the collab object that could result in arbitrary code execution in the context of the current user. Exploitation of this...

CVE-2022-28232

Acrobat Reader DC versions 22.001.20085 and earlier, 20.005.3031x and earlier and 17.012.30205 and earlier are affected by a use-after-free vulnerability in the processing of the collab object that could result in arbitrary code execution in the context of the current user. Exploitation of this...

Adobe Acrobat JavaScript getIcon Method Buffer Overflow - Ver2 (CVE-2009-0927)

A buffer overflow vulnerability has been reported in Adobe Acrobat. The vulnerability is due to insufficient input validation in the getIcon method of a Collab object, while processing a crafted PDF file. Successful exploitation of this vulnerability could allow a remote attacker to execute...

Adobe Acrobat JavaScript getIcon Method Buffer Overflow (CVE-2009-0927)

Adobe develops products for creating, distributing, and viewing Portable Document Format PDF documents. Adobe Reader is a viewer application that allows for reading and the printing of PDF documents. Adobe Acrobat provides PDF authoring functionality in addition to those of viewing. A buffer...

Adobe Acrobat Reader 8.1.2 < 9.0 - 'getIcon()' Memory Corruption

Affected Version : Acrobat Reader 8.1.2 - 9.0 Vendor Patch : http://www.adobe.com/support/security/bulletins/apsb09-04.html Tested On : XP SP2 / SP3 from ZDI : http://www.zerodayinitiative.com/advisories/ZDI-09-014/ This vulnerability allows remote attackers to execute arbitrary code on vulnerabl...

Adobe Acrobat getIcon() Stack Overflow Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe Acrobat and Adobe Reader. User interaction is required in that a user must visit a malicious web site or open a malicious file. The specific flaw exists when processing malicious JavaScript...

CVE-2009-0927

Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658...

CVE-2009-0927

Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658...

CVE-2009-0927

Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658. Recent assessments:...

Adobe Reader < 9.1 / 8.1.4 / 7.1.1 Multiple Vulnerabilities

The version of Adobe Reader installed on the remote host is earlier than 9.1 / 8.1.4 / 7.1.1. Such versions are reportedly affected by multiple vulnerabilities : - An integer buffer overflow can be triggered when processing a malformed JBIG2 image stream with the '/JBIG2Decode' filter...

security flaw

Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658...

CVE-2008-4813

Adobe Reader and Acrobat 8.1.2 and earlier, and before 7.1.1, allow remote attackers to execute arbitrary code via a crafted PDF document that 1 performs unspecified actions on a Collab object that trigger memory corruption, related to a GetCosObj method; or 2 contains a malformed PDF object that...