Acrobat Reader Security Vulnerabilities and Issues — Acrobat Reader CVE List

Lucene search

AdobeAcrobat Reader

7 matches found

CVE•added 2007/01/03 9:28 p.m.•70 views

CVE-2007-0045

Multiple cross-site scripting (XSS) vulnerabilities in Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, for Mozilla Firefox, Microsoft Internet Explorer 6 SP1, Google Chrome, Opera 8.5.4 build 770...

4.3CVSS5.3AI score0.63944EPSS

CVE•added 2007/01/10 2:0 a.m.•58 views

CVE-2006-5857

Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering.

9.3CVSS6.8AI score0.22237EPSS

CVE•added 2007/01/03 9:28 p.m.•57 views

CVE-2007-0044

Adobe Acrobat Reader Plugin before 8.0.0 for the Firefox, Internet Explorer, and Opera web browsers allows remote attackers to force the browser to make unauthorized requests to other web sites via a URL in the (1) FDF, (2) xml, and (3) xfdf AJAX request parameters, following the # (hash) character...

4.3CVSS6.2AI score0.54871EPSS

CVE•added 2007/01/03 9:28 p.m.•56 views

CVE-2007-0048

Adobe Acrobat Reader Plugin before 8.0.0, and possibly the plugin distributed with Adobe Reader 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2, when used with Internet Explorer, Google Chrome, or Opera, allows remote attackers to cause a denial of service (memory consumption) via a long seq...

5CVSS6.2AI score0.51663EPSS

CVE•added 2007/01/09 12:28 a.m.•52 views

CVE-2007-0103

The Adobe PDF specification 1.3, as implemented by Adobe Acrobat before 8.0.0, allows remote attackers to have an unknown impact, possibly including denial of service (infinite loop), arbitrary code execution, or memory corruption, via a PDF file with a (1) crafted catalog dictionary or (2) a craft...

6.8CVSS7AI score0.33323EPSS

CVE•added 2007/01/03 9:28 p.m.•50 views

CVE-2007-0046

Double free vulnerability in the Adobe Acrobat Reader Plugin before 8.0.0, as used in Mozilla Firefox 1.5.0.7, allows remote attackers to execute arbitrary code by causing an error via a javascript: URI call to document.write in the (1) FDF, (2) XML, or (3) XFDF AJAX request parameters.

7.5CVSS7.2AI score0.6726EPSS

CVE•added 2007/01/03 9:28 p.m.•48 views

CVE-2007-0047

CRLF injection vulnerability in Adobe Acrobat Reader Plugin before 8.0.0, when used with the Microsoft.XMLHTTP ActiveX object in Internet Explorer, allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via CRLF sequences in the javascript: URI in the (...

6.8CVSS6.6AI score0.05048EPSS