Acrobat Reader Security Vulnerabilities and Issues — Page 2 of Acrobat Reader CVE List

Lucene search

AdobeAcrobat Reader

1251 matches found

CVE•added 2013/05/16 11:45 a.m.•166 views

CVE-2013-3339

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2...

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/05/16 11:45 a.m.•165 views

CVE-2013-2722

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/05/16 11:45 a.m.•165 views

CVE-2013-2736

10CVSS7.7AI score0.18885EPSS

CVE•added 2022/05/11 6:15 p.m.•164 views

CVE-2022-28837

Acrobat Pro DC version 22.001.2011x (and earlier), 20.005.3033x (and earlier) and 17.012.3022x (and earlier) are affected by a use-after-free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitati...

5.5CVSS5.6AI score0.0062EPSS

CVE•added 2024/12/10 8:15 p.m.•164 views

CVE-2024-49531

Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by a NULL Pointer Dereference vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to ...

5.5CVSS6.4AI score0.00029EPSS

CVE•added 2013/05/16 11:45 a.m.•163 views

CVE-2013-3340

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/05/16 11:45 a.m.•163 views

CVE-2013-3341

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/09/12 1:28 p.m.•163 views

CVE-2013-3353

Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3356.

10CVSS7.7AI score0.4398EPSS

CVE•added 2013/05/16 11:45 a.m.•161 views

CVE-2013-2723

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/05/16 11:45 a.m.•161 views

CVE-2013-2725

10CVSS7.7AI score0.18885EPSS

CVE•added 2011/02/10 6:0 p.m.•156 views

CVE-2011-0596

The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via an image with crafted (1) height and (2) width values for an RLE_8 compressed bitmap, which trig...

9.3CVSS7.6AI score0.12676EPSS

CVE•added 2012/08/15 10:31 a.m.•155 views

CVE-2012-4148

Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4149, CVE-2012-4150, CVE...

10CVSS7.6AI score0.19383EPSS

CVE•added 2024/12/10 8:15 p.m.•154 views

CVE-2024-49535

Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by an Improper Restriction of XML External Entity Reference ('XXE') vulnerability that allows an attacker to provide malicious XML input containing a reference to an external entity...

6.3CVSS5.9AI score0.00027EPSS

CVE•added 2011/02/10 6:0 p.m.•151 views

CVE-2011-0590

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file, a different vulnerability than CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600.

9.3CVSS7.4AI score0.12036EPSS

CVE•added 2012/08/15 10:31 a.m.•150 views

CVE-2012-4150

10CVSS7.6AI score0.19383EPSS

CVE•added 2011/02/10 6:0 p.m.•149 views

CVE-2011-0593

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-...

9.3CVSS7.8AI score0.12036EPSS

CVE•added 2012/08/15 10:31 a.m.•148 views

CVE-2012-4155

10CVSS7.6AI score0.19383EPSS

CVE•added 2012/04/10 11:55 p.m.•147 views

CVE-2012-0775

The JavaScript implementation in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10CVSS9.5AI score0.22627EPSS

CVE•added 2022/03/18 6:15 p.m.•147 views

CVE-2022-24092

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction...

9.3CVSS7.7AI score0.11446EPSS

CVE•added 2013/09/12 1:28 p.m.•146 views

CVE-2013-3351

Multiple stack-based buffer overflows in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code via unspecified vectors.

10CVSS7.7AI score0.42548EPSS

CVE•added 2009/06/11 3:30 p.m.•145 views

CVE-2009-1861

Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file ...

9.3CVSS7.9AI score0.07937EPSS

CVE•added 2010/08/05 6:17 p.m.•145 views

CVE-2010-2862

Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a Maximum Profile (maxp) table.

9.3CVSS7.7AI score0.41938EPSS

CVE•added 2012/08/15 10:31 a.m.•145 views

CVE-2012-4152

10CVSS7.6AI score0.19383EPSS

CVE•added 2013/09/12 1:28 p.m.•145 views

CVE-2013-3358

Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3357.

10CVSS7.7AI score0.37538EPSS

CVE•added 2009/06/11 3:30 p.m.•144 views

CVE-2009-1857

Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a PDF document with a crafted TrueType font.

9.3CVSS7.9AI score0.10184EPSS

CVE•added 2011/02/10 6:0 p.m.•144 views

CVE-2011-0591

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to Texture and rgba, a different vulnerabi...

9.3CVSS7.8AI score0.12036EPSS

CVE•added 2012/08/15 10:31 a.m.•144 views

CVE-2012-4149

10CVSS7.6AI score0.19383EPSS

CVE•added 2012/08/15 10:31 a.m.•144 views

CVE-2012-4157

10CVSS7.6AI score0.19383EPSS

CVE•added 2010/04/05 3:30 p.m.•143 views

CVE-2010-1240

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PDF ...

9.3CVSS6.2AI score0.92002EPSS

CVE•added 2012/08/15 10:31 a.m.•143 views

CVE-2012-4151

10CVSS7.6AI score0.19383EPSS

CVE•added 2011/02/10 6:0 p.m.•142 views

CVE-2011-0599

The Bitmap parsing component in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted image that causes an invalid pointer calculation related to 4/8-bit RLE compression,...

9.3CVSS7.3AI score0.12676EPSS

CVE•added 2012/08/15 10:31 a.m.•141 views

CVE-2012-4154

10CVSS7.6AI score0.19383EPSS

CVE•added 2023/11/16 10:15 a.m.•141 views

CVE-2023-44372

Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a ...

7.8CVSS7.8AI score0.00414EPSS

CVE•added 2009/06/11 3:30 p.m.•140 views

CVE-2009-1859

Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.

9.3CVSS7.7AI score0.08902EPSS

CVE•added 2012/04/10 11:55 p.m.•140 views

CVE-2012-0774

Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code via a crafted TrueType font.

10CVSS9.5AI score0.36793EPSS

CVE•added 2012/08/15 10:31 a.m.•140 views

CVE-2012-4147

10CVSS7.6AI score0.19383EPSS

CVE•added 2013/09/12 1:28 p.m.•140 views

CVE-2013-3356

10CVSS7.7AI score0.4398EPSS

CVE•added 2013/10/09 2:54 p.m.•140 views

CVE-2013-5325

Adobe Reader and Acrobat 11.x before 11.0.05 on Windows allow remote attackers to execute arbitrary JavaScript code in a javascript: URL via a crafted PDF document.

9.3CVSS7.3AI score0.00832EPSS

CVE•added 2013/01/10 11:56 a.m.•139 views

CVE-2013-0604

Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0603.

10CVSS7.8AI score0.18037EPSS

CVE•added 2013/01/10 11:56 a.m.•139 views

CVE-2013-0621

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, and CVE-2013-0617.

10CVSS7.5AI score0.18037EPSS

CVE•added 2012/08/15 10:31 a.m.•138 views

CVE-2012-1525

Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS9.7AI score0.46509EPSS

CVE•added 2013/01/10 11:56 a.m.•137 views

CVE-2012-1530

Heap-based buffer overflow in the XSLT engine in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PDF file containing an XSL file that triggers memory corruption wh...

10CVSS7.8AI score0.10124EPSS

CVE•added 2013/01/10 11:56 a.m.•137 views

CVE-2013-0622

Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-0624.

10CVSS6.3AI score0.09246EPSS

CVE•added 2009/03/25 1:30 a.m.•136 views

CVE-2009-1062

Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to trigger memory corruption and possibly execute arbitrary code via unknown attack vectors related to JBIG2, a different vulnerability than CVE-2009-0193 and CVE-2009-1061.

9.3CVSS7.9AI score0.13522EPSS

CVE•added 2012/08/15 10:31 a.m.•136 views

CVE-2012-2050

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS7.7AI score0.3039EPSS

CVE•added 2013/09/12 1:28 p.m.•136 views

CVE-2013-3355

Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3352 and CVE-2013-3354.

10CVSS9.6AI score0.26105EPSS

CVE•added 2024/12/10 8:15 p.m.•136 views

CVE-2024-49532

Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitat...

5.5CVSS6.1AI score0.00038EPSS

CVE•added 2011/02/10 6:0 p.m.•135 views

CVE-2011-0592

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to "Texture bmp," a different vulnerabilit...

9.3CVSS7.8AI score0.12036EPSS

CVE•added 2012/08/15 10:31 a.m.•135 views

CVE-2012-2049

Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS7.9AI score0.31225EPSS

CVE•added 2012/08/15 10:31 a.m.•133 views

CVE-2012-4153

10CVSS7.6AI score0.19383EPSS

Total number of security vulnerabilities1251