Acrobat Reader@7.0.1 Security Vulnerabilities and Issues — Acrobat Reader@7.0.1 CVE List

Lucene search

AdobeAcrobat Reader7.0.1

57 matches found

CVE•added 2009/10/19 10:30 p.m.•247 views

CVE-2009-2994

Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.

9.3CVSS7.5AI score0.42796EPSS

CVE•added 2009/06/11 3:30 p.m.•144 views

CVE-2009-1861

Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file ...

9.3CVSS7.9AI score0.07937EPSS

CVE•added 2009/06/11 3:30 p.m.•143 views

CVE-2009-1857

Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a PDF document with a crafted TrueType font.

9.3CVSS7.9AI score0.10184EPSS

CVE•added 2009/06/11 3:30 p.m.•139 views

CVE-2009-1859

Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.

9.3CVSS7.7AI score0.08902EPSS

CVE•added 2010/09/15 6:0 p.m.•76 views

CVE-2010-2884

Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on Android; authplay.dll in Adobe Reader and Acrobat 9.x before 9.4; and authplay.dll in Adobe Reader and Acrobat 8.x before 8.2.5 on Windows and Mac OS X allow remote attackers to execute arbitrary co...

9.3CVSS9.7AI score0.39683EPSS

CVE•added 2007/01/03 9:28 p.m.•69 views

CVE-2007-0045

Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770...

4.3CVSS5.3AI score0.63944EPSS

CVE•added 2010/01/13 7:30 p.m.•68 views

CVE-2009-3959

Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document.

10CVSS7.7AI score0.16203EPSS

CVE•added 2010/01/13 7:30 p.m.•67 views

CVE-2009-3957

Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to cause a denial of service (NULL pointer dereference) via unspecified vectors.

5CVSS6.3AI score0.01386EPSS

CVE•added 2008/06/04 7:32 p.m.•66 views

CVE-2008-2549

Adobe Acrobat Reader 8.1.2 and earlier, and before 7.1.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed PDF document, as demonstrated by 2008-HI2.pdf.

4.3CVSS7.5AI score0.59505EPSS

CVE•added 2009/10/19 10:30 p.m.•66 views

CVE-2009-2985

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2996.

9.3CVSS7.7AI score0.19987EPSS

CVE•added 2009/10/19 10:30 p.m.•66 views

CVE-2009-2998

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-3458.

9.3CVSS7.3AI score0.49031EPSS

CVE•added 2006/02/02 11:2 a.m.•65 views

CVE-2006-0525

Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group, which allows local users to gain privileges via Trojan horse programs.

4.6CVSS6.6AI score0.00237EPSS

CVE•added 2006/12/03 7:28 p.m.•65 views

CVE-2006-6236

Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the (1) src, (2) setPageMode, (3) setLayoutMode, and (4) setNamedDest methods in an AcroPDF ActiveX control, a different set o...

9.3CVSS7.5AI score0.53628EPSS

CVE•added 2009/03/25 1:30 a.m.•64 views

CVE-2009-0928

Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table.

10CVSS8AI score0.11407EPSS

CVE•added 2010/01/13 7:30 p.m.•64 views

CVE-2009-3955

Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leadin...

10CVSS7.4AI score0.36195EPSS

CVE•added 2009/10/19 10:30 p.m.•62 views

CVE-2009-2996

9.3CVSS7.7AI score0.19987EPSS

CVE•added 2010/01/13 7:30 p.m.•62 views

CVE-2009-3954

The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to execute arbitrary code via unspecified vectors, related to a "DLL-loading vulnerability."

10CVSS7.4AI score0.06276EPSS

CVE•added 2009/06/11 3:30 p.m.•61 views

CVE-2009-0509

Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows remote attackers to execute arbitrary code via a crafted file that triggers memory corruption.

9.3CVSS7.9AI score0.04377EPSS

CVE•added 2009/06/11 3:30 p.m.•61 views

CVE-2009-0511

Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-20...

9.3CVSS8AI score0.1211EPSS

CVE•added 2009/06/11 3:30 p.m.•61 views

CVE-2009-1855

Stack-based buffer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via a PDF file containing a malformed U3D model file with a crafted extension block.

9.3CVSS7.8AI score0.29242EPSS

CVE•added 2009/10/19 10:30 p.m.•61 views

CVE-2009-3458

9.3CVSS7.3AI score0.49031EPSS

CVE•added 2009/06/11 3:30 p.m.•59 views

CVE-2009-0510

9.3CVSS8AI score0.1211EPSS

CVE•added 2009/10/19 10:30 p.m.•59 views

CVE-2009-2990

Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors.

9.3CVSS7.3AI score0.87912EPSS

CVE•added 2009/10/19 10:30 p.m.•58 views

CVE-2009-2980

Integer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors.

9.3CVSS7.8AI score0.48748EPSS

CVE•added 2010/01/13 7:30 p.m.•58 views

CVE-2009-3956

The default configuration of Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, does not enable the Enhanced Security feature, which has unspecified impact and attack vectors, related to a "script injection vulnerability," as demonstrated by Acrobat Forms Data Form...

10CVSS5.7AI score0.05446EPSS

CVE•added 2007/01/10 2:0 a.m.•57 views

CVE-2006-5857

Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering.

9.3CVSS6.8AI score0.22237EPSS

CVE•added 2009/06/11 3:30 p.m.•57 views

CVE-2009-0512

9.3CVSS8AI score0.1211EPSS

CVE•added 2009/06/11 3:30 p.m.•57 views

CVE-2009-1858

The JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.

9.3CVSS7.7AI score0.13242EPSS

CVE•added 2009/10/19 10:30 p.m.•57 views

CVE-2009-2997

Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.

9.3CVSS7.6AI score0.37028EPSS

CVE•added 2010/01/13 7:30 p.m.•57 views

CVE-2009-3958

Multiple stack-based buffer overflows in the NOS Microsystems getPlus Helper ActiveX control before 1.6.2.49 in gp.ocx in the Download Manager in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow remote attackers to execute arbitrary code via unspecifi...

10CVSS7.7AI score0.65347EPSS

CVE•added 2007/01/03 9:28 p.m.•56 views

CVE-2007-0048

Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long seq...

5CVSS6.2AI score0.51663EPSS

CVE•added 2007/03/02 9:18 p.m.•56 views

CVE-2007-1199

Adobe Reader and Acrobat Trial allow remote attackers to read arbitrary files via a file:// URI in a PDF document, as demonstrated with <>, a different issue than CVE-2007-0045.

4.3CVSS6.3AI score0.63944EPSS

CVE•added 2009/10/19 10:30 p.m.•55 views

CVE-2009-2988

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which allows attackers to cause a denial of service via unspecified vectors.

4.3CVSS6.1AI score0.01341EPSS

CVE•added 2009/10/19 10:30 p.m.•55 views

CVE-2009-2991

Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and Acrobat 8.x before 8.1.7, and possibly 7.x before 7.1.4 and 9.x before 9.2, might allow remote attackers to execute arbitrary code via unknown vectors.

9.3CVSS7.3AI score0.21854EPSS

CVE•added 2009/09/25 11:30 p.m.•55 views

CVE-2009-3431

Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1.2, 9.1.1, and earlier 9.x versions; 8.1.6 and earlier 8.x versions; and possibly 7.1.4 and earlier 7.x versions allows remote attackers to cause a denial of service (application crash) via a PDF file with a large number of [ (op...

5CVSS6.3AI score0.2555EPSS

CVE•added 2007/01/03 9:28 p.m.•54 views

CVE-2007-0044

Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character...

4.3CVSS6.2AI score0.54871EPSS

CVE•added 2009/06/11 3:30 p.m.•54 views

CVE-2009-0889

9.3CVSS7.9AI score0.1211EPSS

CVE•added 2009/10/19 10:30 p.m.•54 views

CVE-2009-2981

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to bypass intended Trust Manager restrictions via unspecified vectors.

9.3CVSS6.2AI score0.07238EPSS

CVE•added 2009/10/19 10:30 p.m.•54 views

CVE-2009-2983

Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.

9.3CVSS7.6AI score0.57483EPSS

CVE•added 2009/10/19 10:30 p.m.•54 views

CVE-2009-2986

Multiple heap-based buffer overflows in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.

9.3CVSS7.4AI score0.37028EPSS

CVE•added 2009/06/11 3:30 p.m.•53 views

CVE-2009-0198

Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a cra...

9.3CVSS8.1AI score0.06747EPSS

CVE•added 2009/06/11 3:30 p.m.•53 views

CVE-2009-1856

Integer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows attackers to cause a denial of service or possibly execute arbitrary code via a PDF file containing unspecified parameters to the FlateDecod...

9.3CVSS8.2AI score0.26111EPSS

CVE•added 2005/08/16 4:0 a.m.•52 views

CVE-2005-2470

Buffer overflow in a "core application plug-in" for Adobe Reader 5.1 through 7.0.2 and Acrobat 5.0 through 7.0.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors.

7.5CVSS7.5AI score0.05582EPSS

CVE•added 2009/10/19 10:30 p.m.•52 views

CVE-2009-2979

Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 do not properly perform XMP-XML entity expansion, which allows remote attackers to cause a denial of service via a crafted document.

4.3CVSS6.3AI score0.01788EPSS

CVE•added 2009/10/19 10:30 p.m.•51 views

CVE-2009-2992

An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 does not properly validate input, which allows attackers to cause a denial of service via unknown vectors.

4.3CVSS6.2AI score0.02148EPSS

CVE•added 2009/10/19 10:30 p.m.•51 views

CVE-2009-2993

The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and po...

9.3CVSS6.9AI score0.09132EPSS

CVE•added 2009/10/19 10:30 p.m.•51 views

CVE-2009-3462

Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug."

5.1CVSS7.3AI score0.03482EPSS

CVE•added 2009/10/19 10:30 p.m.•50 views

CVE-2009-2982

An unspecified certificate in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow remote attackers to conduct a "social engineering attack" via unknown vectors.

9.3CVSS6.3AI score0.01021EPSS

CVE•added 2012/08/21 10:46 a.m.•50 views

CVE-2012-4363

Multiple unspecified vulnerabilities in Adobe Reader through 10.1.4 allow remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted PDF document, related to "sixteen more crashes affecting Windows, OS X, or both systems."

9.3CVSS8AI score0.13477EPSS

CVE•added 2006/11/21 11:7 p.m.•49 views

CVE-2006-6027

Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the LoadFile method in an AcroPDF ActiveX control.

9.3CVSS7.5AI score0.53628EPSS

Total number of security vulnerabilities57