Acrobat Reader Security Vulnerabilities and Issues — Page 2 of Acrobat Reader CVE List

Lucene search

AdobeAcrobat Reader

1251 matches found

CVE•added 2011/02/10 6:0 p.m.•148 views

CVE-2011-0593

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-...

9.3CVSS7.8AI score0.12036EPSS

CVE•added 2012/08/15 10:31 a.m.•148 views

CVE-2012-4155

Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE...

10CVSS7.6AI score0.19383EPSS

CVE•added 2013/05/16 11:45 a.m.•147 views

CVE-2013-3337

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2...

10CVSS7.7AI score0.18885EPSS

CVE•added 2022/03/18 6:15 p.m.•147 views

CVE-2022-24092

Acrobat Reader DC version 21.007.20099 (and earlier), 20.004.30017 (and earlier) and 17.011.30204 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction...

9.3CVSS7.7AI score0.11446EPSS

CVE•added 2012/04/10 11:55 p.m.•146 views

CVE-2012-0775

The JavaScript implementation in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

10CVSS9.5AI score0.22627EPSS

CVE•added 2013/09/12 1:28 p.m.•146 views

CVE-2013-3351

Multiple stack-based buffer overflows in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code via unspecified vectors.

10CVSS7.7AI score0.42548EPSS

CVE•added 2009/02/20 7:30 p.m.•145 views

CVE-2009-0658

Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidi...

9.3CVSS7.9AI score0.90801EPSS

CVE•added 2012/08/15 10:31 a.m.•145 views

CVE-2012-4152

10CVSS7.6AI score0.19383EPSS

CVE•added 2013/05/16 11:45 a.m.•145 views

CVE-2013-2721

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/09/12 1:28 p.m.•145 views

CVE-2013-3358

Integer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3357.

10CVSS7.7AI score0.37538EPSS

CVE•added 2008/02/11 9:0 p.m.•144 views

CVE-2008-0667

The DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2, allows remote attackers to configure silent non-interactive printing, and trigger the printing of an arbitrary number of copies of a document. NOTE: this issue might be subsumed by CVE-2008-0655.

4.3CVSS6.3AI score0.71023EPSS

CVE•added 2009/06/11 3:30 p.m.•144 views

CVE-2009-1861

Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file ...

9.3CVSS7.9AI score0.07937EPSS

CVE•added 2010/08/05 6:17 p.m.•144 views

CVE-2010-2862

Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote attackers to execute arbitrary code via a TrueType font with a large maxCompositePoints value in a Maximum Profile (maxp) table.

9.3CVSS7.7AI score0.41938EPSS

CVE•added 2012/08/15 10:31 a.m.•144 views

CVE-2012-4149

10CVSS7.6AI score0.19383EPSS

CVE•added 2012/08/15 10:31 a.m.•144 views

CVE-2012-4157

10CVSS7.6AI score0.19383EPSS

CVE•added 2013/05/16 11:45 a.m.•144 views

CVE-2013-2720

10CVSS7.7AI score0.18885EPSS

CVE•added 2009/06/11 3:30 p.m.•143 views

CVE-2009-1857

Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a PDF document with a crafted TrueType font.

9.3CVSS7.9AI score0.10184EPSS

CVE•added 2011/02/10 6:0 p.m.•143 views

CVE-2011-0591

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to Texture and rgba, a different vulnerabi...

9.3CVSS7.8AI score0.12036EPSS

CVE•added 2013/05/16 11:45 a.m.•143 views

CVE-2013-3338

10CVSS7.7AI score0.18885EPSS

CVE•added 2012/08/15 10:31 a.m.•142 views

CVE-2012-4151

10CVSS7.6AI score0.19383EPSS

CVE•added 2013/05/16 11:45 a.m.•142 views

CVE-2013-2726

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/05/16 11:45 a.m.•142 views

CVE-2013-3339

10CVSS7.7AI score0.18885EPSS

CVE•added 2011/02/10 6:0 p.m.•141 views

CVE-2011-0599

The Bitmap parsing component in rt3d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted image that causes an invalid pointer calculation related to 4/8-bit RLE compression,...

9.3CVSS7.3AI score0.12676EPSS

CVE•added 2012/08/15 10:31 a.m.•141 views

CVE-2012-4154

10CVSS7.6AI score0.19383EPSS

CVE•added 2013/05/16 11:45 a.m.•141 views

CVE-2013-2722

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/05/16 11:45 a.m.•141 views

CVE-2013-2734

10CVSS7.7AI score0.18885EPSS

CVE•added 2023/11/16 10:15 a.m.•141 views

CVE-2023-44372

Adobe Acrobat Reader versions 23.006.20360 (and earlier) and 20.005.30524 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a ...

7.8CVSS7.8AI score0.00414EPSS

CVE•added 2010/04/05 3:30 p.m.•140 views

CVE-2010-1240

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PDF ...

9.3CVSS6.2AI score0.92002EPSS

CVE•added 2012/08/15 10:31 a.m.•140 views

CVE-2012-4147

10CVSS7.6AI score0.19383EPSS

CVE•added 2013/05/16 11:45 a.m.•140 views

CVE-2013-2736

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/09/12 1:28 p.m.•140 views

CVE-2013-3356

Buffer overflow in Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-3353.

10CVSS7.7AI score0.4398EPSS

CVE•added 2013/10/09 2:54 p.m.•140 views

CVE-2013-5325

Adobe Reader and Acrobat 11.x before 11.0.05 on Windows allow remote attackers to execute arbitrary JavaScript code in a javascript: URL via a crafted PDF document.

9.3CVSS7.3AI score0.00832EPSS

CVE•added 2009/06/11 3:30 p.m.•139 views

CVE-2009-1859

Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.

9.3CVSS7.7AI score0.08902EPSS

CVE•added 2012/04/10 11:55 p.m.•139 views

CVE-2012-0774

Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code via a crafted TrueType font.

10CVSS9.5AI score0.36793EPSS

CVE•added 2013/05/16 11:45 a.m.•139 views

CVE-2013-3340

10CVSS7.7AI score0.18885EPSS

CVE•added 2012/08/15 10:31 a.m.•138 views

CVE-2012-1525

Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS9.7AI score0.46509EPSS

CVE•added 2013/01/10 11:56 a.m.•138 views

CVE-2013-0604

Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0603.

10CVSS7.8AI score0.18037EPSS

CVE•added 2013/01/10 11:56 a.m.•138 views

CVE-2013-0621

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, and CVE-2013-0617.

10CVSS7.5AI score0.18037EPSS

CVE•added 2013/05/16 11:45 a.m.•138 views

CVE-2013-2723

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/05/16 11:45 a.m.•138 views

CVE-2013-3341

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/01/10 11:56 a.m.•137 views

CVE-2013-0622

Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-0624.

10CVSS6.3AI score0.09246EPSS

CVE•added 2013/05/16 11:45 a.m.•137 views

CVE-2013-2725

10CVSS7.7AI score0.18885EPSS

CVE•added 2013/01/10 11:56 a.m.•136 views

CVE-2012-1530

Heap-based buffer overflow in the XSLT engine in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PDF file containing an XSL file that triggers memory corruption wh...

10CVSS7.8AI score0.10124EPSS

CVE•added 2012/08/15 10:31 a.m.•136 views

CVE-2012-2050

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS7.7AI score0.3039EPSS

CVE•added 2013/09/12 1:28 p.m.•136 views

CVE-2013-3355

Adobe Reader and Acrobat before 10.1.8 and 11.x before 11.0.04 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-3352 and CVE-2013-3354.

10CVSS9.6AI score0.26105EPSS

CVE•added 2024/12/10 8:15 p.m.•136 views

CVE-2024-49532

Acrobat Reader versions 24.005.20307, 24.001.30213, 24.001.30193, 20.005.30730, 20.005.30710 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitat...

5.5CVSS6.1AI score0.00035EPSS

CVE•added 2009/03/25 1:30 a.m.•135 views

CVE-2009-1062

Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to trigger memory corruption and possibly execute arbitrary code via unknown attack vectors related to JBIG2, a different vulnerability than CVE-2009-0193 and CVE-2009-1061.

9.3CVSS7.9AI score0.13522EPSS

CVE•added 2012/08/15 10:31 a.m.•135 views

CVE-2012-2049

Stack-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS7.9AI score0.31225EPSS

CVE•added 2011/02/10 6:0 p.m.•134 views

CVE-2011-0592

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to "Texture bmp," a different vulnerabilit...

9.3CVSS7.8AI score0.12036EPSS

CVE•added 2012/08/15 10:31 a.m.•133 views

CVE-2012-4153

10CVSS7.6AI score0.19383EPSS

Total number of security vulnerabilities1251