1381 matches found
CVE-2021-28550
CVE-2021-28550 is an Adobe Acrobat/Reader Use-After-Free vulnerability that allows arbitrary code execution in the context of the current user when a user opens a crafted PDF. Affected products include Acrobat Reader DC (versions 2021.001.20150 and earlier), 2020.001.30020 and earlier, and 2017.0...
CVE-2013-0640
CVE-2013-0640 is a memory corruption remote code execution vulnerability in Adobe Reader and Acrobat. It affects Adobe Reader/Acrobat 9.x prior to 9.5.4, 10.x prior to 10.1.6, and 11.x prior to 11.0.02, exploitable via a crafted PDF and observed in the wild in February 2013. The impact includes r...
CVE-2013-3346
CVE-2013-3346 affects Adobe Reader and Acrobat where the ToolButton use-after-free in the ToolButton callback enables memory corruption leading to arbitrary code execution or Denial of Service. Affected product versions are Adobe Reader/Acrobat 9.x <= 9.5.4, 10.x <= 10.1.6, and 11.x
CVE-2008-2992
CVE-2008-2992 is a stack-based buffer overflow in Adobe Reader/Acrobat up to version 8.1.2 triggered by parsing crafted PDF files that invoke the util.printf JavaScript function. The vulnerability allows a remote attacker to execute arbitrary code with the user’s privileges when a victim opens a ...
CVE-2021-21017
CVE-2021-21017 affects Adobe Acrobat/Reader (DC Continuous and prior releases) with a heap-based buffer overflow that could allow arbitrary code execution in the user’s context after opening a malicious file. The linked exploit analyses describe a flaw in URL/baseURL handling within PDFs (potenti...
CVE-2011-0609
The CVE-2011-0609 issue is an Adobe Flash Player AVM Bytecode Verification vulnerability that allows remote code execution via crafted SWF content. Affected products include Flash Player 10.2.x and earlier (Windows, macOS, Linux, Solaris), Flash Player 10.1.106.16 and earlier on Android, Adobe AI...
CVE-2014-0496
CVE-2014-0496 is a use-after-free vulnerability in Adobe Reader and Acrobat (X and XI) on Windows and macOS. Affected products are Adobe Reader X (v10.0.x) prior to 10.1.8 and Adobe Acrobat X 10.1.8 and earlier, and Adobe Reader XI 11.x prior to 11.0.06 and Adobe Acrobat XI 11.x prior to 11.0.06....
CVE-2010-0188
CVE-2010-0188 is an Adobe Reader/Acrobat vulnerability in the PDF handling stack (notably LibTIFF-related parsing) that could allow denial of service or remote code execution via a crafted PDF. Affected products include Adobe Reader/Acrobat 8.x (before 8.2.1) and 9.x (before 9.3.1). Public analys...
CVE-2010-1297
CVE-2010-1297 affects Adobe Flash Player (versions prior to 9.0.277.0 and 10.x prior to 10.1.53.64), Adobe AIR (prior to 2.0.2.12610), and Adobe Reader/Acrobat (8.x up to 8.2.3; 9.x prior to 9.3.3) on Windows and macOS. The root cause is memory corruption/remote code execution via crafted SWF con...
CVE-2007-5659
Adobe Acrobat/Reader (シリーズ 8.1.1 and earlier) contains a buffer-overflow in unspecified JavaScript methods triggered by a crafted PDF long-argument to JavaScript calls, enabling remote code execution. The vulnerability (CVE-2007-5659) is noted to potentially be subsumed by CVE-2008-0655. Exploita...
CVE-2009-1862
CVE-2009-1862 describes a memory-corruption vulnerability in Adobe Flash Player (and Adobe Reader/Acrobat components) that can be triggered by specially crafted SWF content or a crafted PDF/Flash combo via authplay.dll, leading to remote code execution or memory corruption DoS. Affected products ...
CVE-2011-0611
CVE-2011-0611 affects Adobe Flash Player before 10.2.154.27 (Windows/macOS/Linux/Solaris) and 10.2.156.12 and earlier on Android, plus Authplay.dll in Reader/Acrobat components. The vulnerability allows remote attackers to execute arbitrary code or cause a denial of service via crafted Flash cont...
CVE-2013-2729
CVE-2013-2729 : Integer overflow in Adobe Reader/Acrobat BMP/RLE image handling can lead to arbitrary code execution. Affected: Adobe Reader/Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03. Root cause: heap/buffer overflow while parsing embedded BMP RLE resources in PDFs. Im...
CVE-2009-3953
CVE-2009-3953 affects Adobe Reader/Acrobat U3D handling in PDFs. The vulnerability arises from a CLODProgressiveMeshDeclaration array boundary issue in the U3D implementation, allowing remote code execution when processing malformed U3D data. Affected product versions include Acrobat/Reader 9.x p...
CVE-2008-0655
CVE-2008-0655 affects Adobe Acrobat/Reader (before 8.1.2). Connected advisories confirm multiple vulnerabilities in Adobe Reader/Acrobat, including JS API DOC.print could silently trigger printing, and PDF processing flaws that could enable arbitrary code execution. Red Hat RHSA-2008:0144 documen...
CVE-2009-4324
Adobe Reader/Acrobat (Windows/macOS) is affected by CVE-2009-4324 due to a use-after-free in Doc.media.newPlayer inside Multimedia.api. A crafted PDF with ZLib streams can trigger remote code execution. The vulnerability is reported as exploited in the wild in December 2009. Affected versions inc...
CVE-2011-2462
Adobe Reader/Acrobat U3D memory corruption vulnerability (CVE-2011-2462) affects Adobe Reader X (10.1.1) and earlier on Windows/macOS; Adobe Reader 9.x up to 9.4.6 on Windows, macOS, UNIX; exploitation could allow remote code execution or DoS via crafted U3D content. The issue is in the U3D parse...
CVE-2013-0641
CVE-2013-0641 is a buffer overflow in Adobe Reader and Acrobat versions prior to certain patches that allows a remote attacker to execute arbitrary code via a crafted PDF. The description specifies impact as remote code execution, with exploitation observed in the wild in February 2013. Affected ...
CVE-2010-2883
CVE-2010-2883 describes a stack-based buffer overflow in Adobe’s CoolType.dll (SING table handling) that affects Adobe Reader/Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Windows and macOS. A long field in a TTF font’s SING table in a PDF can allow remote code execution or cause a DoS (applicat...
CVE-2014-0546
Adobe Reader and Acrobat for Windows are affected by CVE-2014-0546 due to a sandbox bypass that enables attackers to execute native code in a privileged context via unspecified vectors. Affected products include Adobe Reader 10.x up to 10.1.11 and Acrobat 10.x up to 10.1.11 and 11.x up to 11.0.08...
CVE-2023-26369
Adobe Acrobat/Reader CVE-2023-26369 is an out-of-bounds write vulnerability that can enable arbitrary code execution in the context of the current user. Affected are Acrobat Reader 23.003.20284 and earlier, 20.005.30516 and earlier, and 20.005.30514 and earlier. Exploitation requires user interac...
CVE-2023-21608
Adobe Acrobat Reader DC/Reader affected by a Use-After-Free in resetForm leading to arbitrary code execution when a user opens a malicious file. Impact: code execution in the user context (high). Affected versions include 22.003.20282 and earlier for Windows/macOS and 20.005.30418 and earlier. Ro...
CVE-2009-2994
CVE-2009-2994 is described in connected advisories as a memory corruption vulnerability in Adobe Reader and Acrobat, caused by an index boundary error when handling U3D/CLODMeshDeclaration data in PDFs. This could allow remote code execution via specially crafted PDF documents. The advisories con...
CVE-2023-21579
CVE-2023-21579 affects Adobe Acrobat Reader, specifically versions 22.003.20282 and earlier, 22.003.20281 and earlier, and 20.005.30418 and earlier. The issue is an Integer Overflow or Wraparound in the font parsing code that can lead to arbitrary code execution in the context of the current user...
CVE-2010-1278
CVE-2010-1278 describes a buffer overflow in the gp.ocx ActiveX control (Atlcom.get_atlcom) used by Adobe Download Manager, affecting Adobe Reader/Acrobat 8.x before 8.2 and 9.x before 9.3. During initialization, two parameters are copied into a fixed-length buffer; oversized values can overflow ...
CVE-2026-34621
CVE-2026-34621 — Adobe Acrobat/Reader Prototype Pollution affects Acrobat Reader DC/Acrobat DC on Windows and macOS. Affected: Acrobat Reader DC 26.001.21367 and earlier; Acrobat DC 26.001.21367 and earlier; Acrobat 2024 24.001.30356 and earlier. Root cause: Improperly Controlled Modification of ...
CVE-2022-28269
CVE-2022-28269 affects Adobe Acrobat Reader DC and older Adobe Acrobat/Reader builds. The issue is a use-after-free in the processing of Annotation objects that can cause a memory leak in the context of the current user. Exploitation requires user interaction (victim opens a crafted file). Affect...
CVE-2022-28838
CVE-2022-28838 affects Adobe Acrobat Pro DC (versions 22.001.2011x and earlier; 20.005.3033x and earlier; 17.012.3022x and earlier). It is a use-after-free vulnerability in a component used during PDF processing that could allow arbitrary code execution in the current user context. Exploitation r...
CVE-2022-28266
CVE-2022-28266 affects Acrobat Reader DC and related Adobe products. The issue is an out-of-bounds read when parsing crafted PDF/files, potentially allowing read past end of an allocated memory structure and bypassing mitigations such as ASLR. Exploitation requires user interaction (the victim mu...
CVE-2013-2727
CVE-2013-2727 affects Adobe Reader and Acrobat: an integer overflow in 9.x (before 9.5.5), 10.x (before 10.1.7), and 11.x (before 11.0.03) can allow arbitrary code execution via unspecified vectors. Root cause is an integer overflow in parsing input; impact is remote code execution. Remediation p...
CVE-2023-44336
CVE-2023-44336 affects multiple Adobe Acrobat/Reader DC products (Desktop variants: Classic, DC Continuous/Continuous, and Reader DC) on Windows and macOS. The issue is a Use-After-Free vulnerability in Acrobat components that can lead to arbitrary code execution in the context of the current use...
CVE-2013-2719
CVE-2013-3346 affects Adobe Reader/Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03. Root cause: memory corruption via unspecified vectors; can lead to arbitrary code execution or Denial of Service. Remediation (per connected advisories): upgrade to Adobe Reader/Acrobat 9.5.5...
CVE-2009-0658
CVE-2009-0658 concerns a buffer overflow in the JBIG2 decoder used by Adobe Reader (9.0 and earlier) and Acrobat (9.0 and earlier) when processing JBIG2 image streams embedded in PDFs. The underlying issue is a memory/buffer handling error in the JBIG2 decoder, enabling remote code execution via ...
CVE-2013-2718
CVE-2013-3346 affects Adobe Reader and Acrobat: 9.x prior to 9.5.5, 10.x prior to 10.1.7, and 11.x prior to 11.0.03. It enables memory corruption leading to arbitrary code execution or a denial of service via unspecified vectors. Root cause is a memory corruption vulnerability distinct from CVE-2...
CVE-2013-2731
CVE-2013-2731 affects Adobe Reader/Acrobat on versions 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03. The connected advisories confirm memory-corruption/arbitrary-code and DoS risks via unspecified vectors, consistent with Adobe’s patch line. Affected products should update to the...
CVE-2022-34221
CVE-2022-34221 affects Adobe Acrobat Reader: versions 22.001.20142 and earlier, 20.005.30334 and earlier, and 17.012.30229 and earlier are affected by an Access of Resource Using Incompatible Type (Type Confusion) vulnerability that could enable arbitrary code execution in the context of the curr...
CVE-2013-2732
CVE-2013-2732 affects Adobe Reader and Acrobat across 9.x (before 9.5.5), 10.x (before 10.1.7), and 11.x (before 11.0.03). Root cause: memory corruption via unspecified vectors allowing arbitrary code execution or DoS. Impact is consistent with the description (arbitrary code execution or denial ...
CVE-2013-2735
Adobe Reader/Acrobat in vulnerable branches (9.x prior to 9.5.5, 10.x prior to 10.1.7, 11.x prior to 11.0.03) is affected by CVE-2013-2735 through memory corruption that can lead to arbitrary code execution or a denial of service. The issue is described as a memory corruption in unspecified vecto...
CVE-2013-3339
CVE-2013-3339 affects Adobe Reader and Acrobat: 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03, enabling arbitrary code execution or memory corruption via unspecified vectors. Connected advisories indicate a vendor patch exists (e.g., RHSA-2013:0826; openSUSE openSUSE-2013:0990) an...
CVE-2024-49530
CVE-2024-49530 affects multiple Adobe Acrobat Reader variants (including 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier). The exploit is a Use-After-Free vulnerability in which arbitrary code execution could occur in the context of the current user. Exploitation ...
CVE-2013-3337
Adobe Reader/Acrobat is affected by CVE-2013-3346: memory corruption leading to possible arbitrary code execution via unspecified vectors in versions 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03. The connected advisories (e.g., RHSA-2013:0826; GLSA-201308-03) indicate updating to...
CVE-2022-27793
CVE-2022-27793 describes a font-parsing out-of-bounds write in Adobe Acrobat/Reader DC. Affected: Acrobat Reader DC 22.001.20085 and earlier; 20.005.3031x and earlier; 17.012.30205 and earlier. Impact: arbitrary code execution in the context of the current user; exploitation requires user interac...
CVE-2016-4270
Technical details about CVE-2016-4270 are not publicly provided in the supplied documents; monitor for official advisories for affected products, vulnerable components, impact, and fixes.
CVE-2022-34230
CVE-2022-34230 concerns Adobe Acrobat Reader/Acrobat vulnerabilities in the Use-After-Free class that can lead to arbitrary code execution. Affected products include Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier), and 17.012.30229 (and earlier); related entries doc...
CVE-2013-2720
CVE-2013-3346 affects Adobe Reader/Acrobat: versions 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03. The vulnerability enables memory corruption via unspecified vectors, potentially allowing arbitrary code execution or a denial of service. Root cause is memory corruption within com...
CVE-2013-2721
Technical details for CVE-2013-2721 are not publicly available in the provided documents. Please monitor vendor advisories and security bulletins for affected versions, impact, and remediation.
CVE-2022-24104
CVE-2022-24104 is a use-after-free vulnerability in Adobe Acrobat Reader DC affecting versions 20.001.20085 and earlier, 20.005.3031x and earlier, and 17.012.30205 and earlier. The flaw could allow arbitrary code execution in the context of the current user and exploitation requires user interact...
CVE-2013-2726
CVE-2013-3346 affects Adobe Reader/Acrobat 9.x prior to 9.5.5, 10.x prior to 10.1.7, and 11.x prior to 11.0.03. The connected advisories identify a memory corruption vulnerability that allows an attacker to execute arbitrary code or cause a denial of service via unspecified vectors. The root caus...
CVE-2013-3338
CVE-2013-3346 affects Adobe Reader and Acrobat: versions 9.x prior to 9.5.5, 10.x prior to 10.1.7, and 11.x prior to 11.0.03 are vulnerable. The vulnerability allows arbitrary code execution or a denial of service (memory corruption) via unspecified vectors and is described as different from othe...
CVE-2012-4159
Technical details for CVE-2012-4159 are not provided in the supplied documents; no affected products, impact, or remediation are disclosed here. Monitor for updates.