Nitro Pro PDF Reader 11.0.3.173 Javascript API Remote Code Execution

This module exploits an unsafe Javascript API implemented in Nitro and Nitro Pro PDF Reader version 11. The saveAs Javascript API function allows for writing arbitrary files to the file system. Additionally, the launchURL function allows an attacker to execute local files on the file system and...

CVE-2017-3057

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript API related to the collaboration functionality. Successful exploitation could lead to arbitrary code execution...

Design/Logic Flaw

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript API related to the collaboration functionality. Successful exploitation could lead to arbitrary code execution...

CVE-2017-3057

CVE-2017-3057 concerns Adobe Reader/Acrobat in Windows/macOS/Linux where vulnerable builds before certain version points—Adobe Acrobat Reader 11.0.19 and earlier; 15.006.30280 and earlier; 15.023.20070 and earlier—exhibit an exploitable use-after-free in the JavaScript API used for collaboration....

CVE-2017-3057

Adobe Acrobat Reader versions 11.0.19 and earlier, 15.006.30280 and earlier, 15.023.20070 and earlier have an exploitable use after free vulnerability in the JavaScript API related to the collaboration functionality. Successful exploitation could lead to arbitrary code execution...

CVE-2016-6957

Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors...

Design/Logic Flaw

Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors...

Adobe Acrobat Security Updates (APSB16-33) - Windows

Adobe Acrobat is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat"; ifdescription...

Adobe Acrobat Security Updates (APSB16-26) - Windows

Adobe Acrobat is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat"; ifdescription...

Adobe Acrobat Security Updates (APSB16-26) - Mac OS X

Adobe Acrobat is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobat"; ifdescription...

Adobe Reader Security Updates (APSB16-26) - Mac OS X

Adobe Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

Security Bypass Vulnerabilities in Multiple Adobe Products (CNVD-2016-04969)

Adobe Reader, etc. are the United States of America Auduby Adobe company's products. Adobe Reader is a free PDF file reader; Acrobat is a PDF file editing and conversion tools; Acrobat Reader DC is a set of tools for viewing, printing and annotating PDF.Classic and Continuous are the two update...

Adobe Reader Security Updates (APSB16-26) - Windows

Adobe Reader is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:adobe:acrobatreader";...

CVE-2016-4215

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors...

CVE-2016-4215

Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors...

Adobe Acrobat < 11.0.17 / 15.006.30198 / 15.017.20050 Multiple Vulnerabilities (APSB16-26) (Mac OS X)

The version of Adobe Acrobat installed on the remote Mac OS X host is prior to 11.0.17, 15.006.30198, or 15.017.20050. It is, therefore, affected by multiple vulnerabilities : - Multiple unspecified memory corruption issues exist due to improper validation of user-supplied input. An...

Adobe Reader < 11.0.17 / 15.006.30198 / 15.017.20050 Multiple Vulnerabilities (APSB16-26) (Mac OS X)

The version of Adobe Reader installed on the remote Mac OS X host is prior to 11.0.17, 15.006.30198, or 15.017.20050. It is, therefore, affected by multiple vulnerabilities : - Multiple unspecified memory corruption issues exist due to improper validation of user-supplied input. An unauthenticate...

KLA10838 Multiple vulnerabilities in Adobe Acrobat & Reader

Multiple serious vulnerabilities have been found in Adobe products. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions or cause a denial of service. Below is a complete list of vulnerabilities 1. Integer overflow, use-after-free, buffer...

Adobe Creative Cloud <= 3.5.1.209 Arbitrary File Read/Write Vulnerability

The version of Adobe Creative Cloud installed on the remote Windows host is prior or equal to 3.5.1.209. It is, therefore, affected by a flaw in the JavaScript API for Creative Cloud Libraries due to an exposed service. An unauthenticated, remote attacker can exploit this to read or write arbitra...

Adobe Creative Cloud <= 3.5.1.209 Arbitrary File Read/Write Vulnerability (Mac OS X)

The version of Adobe Creative Cloud installed on the remote Mac OS X host is prior or equal to 3.5.1.209. It is, therefore, affected by a flaw in the JavaScript API for Creative Cloud Libraries due to an exposed service. An unauthenticated, remote attacker can exploit this to read or write...