Digital Editions Security Vulnerabilities - CVSS Score 9 - 10

CVE-2016-0954

Adobe Digital Editions before 4.5.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

CVE-2016-4256

Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4260, CVE-2016-4261, and CVE-2016-4262.

CVE-2016-4257

Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4258, CVE-2016-4259, CVE-2016-4260, CVE-2016-4261, and CVE-2016-4262.

CVE-2016-4258

Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4259, CVE-2016-4260, CVE-2016-4261, and CVE-2016-4262.

CVE-2016-4259

Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4260, CVE-2016-4261, and CVE-2016-4262.

CVE-2016-4260

Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4261, and CVE-2016-4262.

CVE-2016-4261

Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4260, and CVE-2016-4262.

CVE-2016-4262

Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2016-4256, CVE-2016-4257, CVE-2016-4258, CVE-2016-4259, CVE-2016-4260, and CVE-2016-4261.

CVE-2016-4263

Use-after-free vulnerability in Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code via unspecified vectors.

CVE-2016-6980

Use-after-free vulnerability in Adobe Digital Editions before 4.5.2 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-4263.

CVE-2017-11274

Adobe Digital Editions 4.5.4 and earlier has an exploitable use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2017-2973

Adobe Digital Editions versions 4.5.3 and earlier have an exploitable heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2017-3089

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF imaging model. Successful exploitation could lead to arbitrary code execution.

CVE-2017-3090

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading of browser related library extensions in the installer plugin. A successful exploitation could lead to arbitrary code execution.

CVE-2017-3092

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading of editor control library functions in the installer plugin. A successful exploitation could lead to arbitrary code execution.

CVE-2017-3093

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the bitmap representation module. Successful exploitation could lead to arbitrary code execution.

CVE-2017-3094

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF processing engine. Successful exploitation could lead to arbitrary code execution.

CVE-2017-3095

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the PDF parsing engine. Successful exploitation could lead to arbitrary code execution.

CVE-2017-3096

Adobe Digital Editions versions 4.5.4 and earlier have an exploitable memory corruption vulnerability in the character code mapping module. Successful exploitation could lead to arbitrary code execution.

CVE-2017-3097

Adobe Digital Editions versions 4.5.4 and earlier contain an insecure library loading vulnerability. The vulnerability is due to unsafe library loading functions in the installer plugin. A successful exploitation could lead to arbitrary code execution.

CVE-2018-12813

Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2018-12814

Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2018-12822

Adobe Digital Editions versions 4.5.8 and below have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2018-12823

Adobe Digital Editions versions 4.5.8 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2019-7095

Adobe Digital Editions versions 4.5.10.185749 and below have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution.

CVE-2020-3760

Adobe Digital Editions versions 4.5.10 and below have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.