FreeBSD : acroread -- XML External Entity vulnerability (02bc9b7c-e019-11d9-a8bd-000cf18bbe54)

Sverre H. Huseby discovered a vulnerability in Adobe Acrobat and Adobe Reader. Under certain circumstances, using XML scripts it is possible to discover the existence of local files. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were...

CVE-2005-1841

The control for Adobe Reader 5.0.9 and 5.0.10 on Linux, Solaris, HP-UX, and AIX creates temporary files with the permissions as specified in a user's umask, which could allow local users to read PDF documents of that user if the umask allows it...

[SA15827] Adobe Reader / Acrobat Two Vulnerabilities

---------------------------------------------------------------------- Bist Du interessiert an einem neuen Job in IT-Sicherheit? Secunia hat zwei freie Stellen als Junior und Senior Spezialist in IT- Sicherheit: http://secunia.com/secuniavacancies/...

CVE-2005-1623: Adobe Reader and Adobe Acrobat PDF file command execution

CVE-2005-1623 is associated with Adobe Reader/Acrobat PDF handling. The initial description states a remote code execution vector where a specially crafted PDF containing JavaScript could cause execution of arbitrary executables if the attacker knows full application names/paths. The connected Op...

CVE-2005-1624: Adobe Reader and Adobe Acrobat updater allows folder elevated privileges

Affected product: Adobe Reader (Mac OS X). Vulnerability type: information disclosure vulnerability. The connected OpenVAS entry (Adobe Reader Information Disclosure Vulnerability, Jun 2005) lists CVE-2005-1624 among related CVEs and provides limited details (no exploitation info) with CVSS base/...

CVE-2005-1306

Adobe Reader/Acrobat 7.0 and 7.0.1 are affected by an information-disclosure vulnerability (XML External Entity) that lets remote attackers determine the existence of local files via Javascript containing XML script. Affected component is the Adobe Reader control; root cause is XML External Entit...

Adobe Acrobat 7.0 / Adobe Reader 7.0 - File Existence / File Disclosure

source: https://www.securityfocus.com/bid/13962/info Adobe Acrobat and Adobe Reader may allow remote attackers to determine the existence of files on a vulnerable computer. This issue can be used to disclose data from a target file as well. Information gathered through the exploitation of this...

CVE-2005-1347

Affected software: Adobe Acrobat Reader prior to version 7 (i.e., 6.0 and earlier). Vulnerability description in connected PT-2005-2349 indicates the issue could allow denial of service and memory modification via a crafted PDF, potentially enabling arbitrary code execution, but the vendor report...

CVE-2004-0632

CVE-2004-0632: Adobe Reader/Acrobat Reader 6.x is vulnerable to a buffer overflow caused by improper handling of NULL characters when splitting a filename path into components, allowing remote code execution via a crafted file with a long extension. The issue affects Adobe Reader 6.0 (and 6.0.x v...

CVE-2002-1017

The CVE-2002-1017 entry concerns Adobe eBook Reader 2.1 and 2.2. The vulnerability arises via the backup feature, which can capture the encryption Challenge and, using the appropriate hash function, generate the activation code to copy eBooks to other systems. Affected software is Adobe eBook Rea...