Acrobat Security Vulnerabilities and Issues — Page 25 of Acrobat CVE List

CVE-2016-7008

Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

CVE-2016-7009

CVE-2016-7016

CVE-2016-7017

CVE•added 2018/02/27 5:29 a.m.•49 views

CVE-2018-4888

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability. The vulnerability is triggered by a crafted PDF file that can cause a m...

8.8CVSS9.2AI score0.0267EPSS

CVE•added 2018/02/27 5:29 a.m.•49 views

CVE-2018-4894

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of t...

6.5CVSS7.5AI score0.01979EPSS

CVE•added 2005/06/15 4:0 a.m.•48 views

CVE-2005-1306

The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulnerability."

7.5CVSS7.5AI score0.16058EPSS

CVE•added 2009/06/11 3:30 p.m.•48 views

CVE-2009-2028

Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 have unknown impact and attack vectors, related to "Adobe internally discovered issues."

10CVSS6.6AI score0.04066EPSS

CVE•added 2009/10/19 10:30 p.m.•48 views

CVE-2009-2987

Unspecified vulnerability in an ActiveX control in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Windows allows remote attackers to cause a denial of service via unknown vectors.

4.3CVSS6.4AI score0.01376EPSS

CVE•added 2009/10/19 10:30 p.m.•48 views

CVE-2009-3460

Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.

9.3CVSS7.8AI score0.22185EPSS

CVE•added 2010/04/14 4:0 p.m.•48 views

CVE-2010-0203

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0198, CVE-2010-0199, and CVE-2010-0202.

9.3CVSS7.6AI score0.26977EPSS

CVE•added 2010/10/06 5:0 p.m.•48 views

CVE-2010-2887

Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x before 9.4 on Linux allow attackers to gain privileges via unknown vectors.

9.3CVSS6.7AI score0.04375EPSS

CVE•added 2011/02/10 6:0 p.m.•48 views

CVE-2011-0594

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font.

9.3CVSS7.5AI score0.0793EPSS

CVE•added 2014/01/30 3:6 p.m.•48 views

CVE-2013-1376

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0606, CVE-2013-0612, CVE-2013-0615, CVE-2013-0617, and CVE-2013-0621.

10CVSS7.6AI score0.23023EPSS

CVE•added 2014/09/17 10:55 a.m.•48 views

CVE-2014-0560

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS7.5AI score0.15201EPSS

CVE•added 2014/09/17 10:55 a.m.•48 views

CVE-2014-0561

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-0567.

10CVSS7.9AI score0.41354EPSS

CVE•added 2014/09/17 10:55 a.m.•48 views

CVE-2014-0562

Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."

4.3CVSS5.2AI score0.00649EPSS

CVE•added 2014/12/10 9:59 p.m.•48 views

CVE-2014-8458

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE...

10CVSS7.6AI score0.27545EPSS

CVE•added 2015/07/15 2:59 p.m.•48 views

CVE-2015-5096

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allows attackers to execute arbitrary code via unsp...

10CVSS7.9AI score0.04398EPSS

CVE•added 2015/10/14 11:59 p.m.•48 views

CVE-2015-6688

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.16 and 11.x before 11.0.13, Acrobat and Acrobat Reader DC Classic before 2015.006.30094, and Acrobat and Acrobat Reader DC Continuous before 2015.009.20069 on Windows and OS X allows attackers to execute arbitrary code via a ...

6.8CVSS7.1AI score0.04034EPSS

CVE•added 2016/05/11 10:59 a.m.•48 views

CVE-2016-1078

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

CVE-2016-1116

CVE-2016-1118

10CVSS9.8AI score0.12444EPSS

CVE-2016-4092

Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vuln...

CVE-2016-4096

CVE-2016-4099

CVE-2016-4103

CVE-2016-4105

CVE•added 2016/10/13 7:59 p.m.•48 views

CVE-2016-6941

CVE•added 2016/10/13 7:59 p.m.•48 views

CVE-2016-6957

Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors.

10CVSS9.3AI score0.11345EPSS

CVE•added 2016/10/13 7:59 p.m.•48 views

CVE-2016-6971

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vu...

CVE•added 2016/10/13 8:0 p.m.•48 views

CVE-2016-7011

CVE•added 2024/08/14 3:15 p.m.•48 views

CVE-2024-39424

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open...

7.8CVSS7.8AI score0.00081EPSS

CVE•added 2003/06/16 4:0 a.m.•47 views

CVE-2003-0284

Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus.

7.5CVSS6.7AI score0.01384EPSS

CVE•added 2008/09/15 3:14 p.m.•47 views

CVE-2008-4071

A certain ActiveX control in Adobe Acrobat 9, when used with Microsoft Windows Vista and Internet Explorer 7, allows remote attackers to cause a denial of service (browser crash) via an src property value with an invalid acroie:// URL.

5CVSS6.5AI score0.01699EPSS

CVE•added 2010/04/14 4:0 p.m.•47 views

CVE-2010-0192

Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0193 and CVE-2010-0196.

9.3CVSS9.6AI score0.41095EPSS

CVE•added 2010/04/14 4:0 p.m.•47 views

CVE-2010-0193

9.3CVSS9.6AI score0.41095EPSS

CVE•added 2010/04/14 4:0 p.m.•47 views

CVE-2010-0198

9.3CVSS7.6AI score0.26977EPSS

CVE•added 2014/12/10 9:59 p.m.•47 views

CVE-2014-8455

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8454 and CVE-2014-9165.

10CVSS7.4AI score0.2145EPSS

CVE•added 2016/05/11 11:0 a.m.•47 views

CVE-2016-1128

CVE•added 2016/05/11 11:1 a.m.•47 views

CVE-2016-4107

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vu...

10CVSS8.3AI score0.06624EPSS

CVE•added 2016/07/13 2:0 a.m.•47 views

CVE-2016-4210

Integer overflow in Adobe Reader and Acrobat before 11.0.17, Acrobat and Acrobat Reader DC Classic before 15.006.30198, and Acrobat and Acrobat Reader DC Continuous before 15.017.20050 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS9.7AI score0.02846EPSS

10CVSS9.8AI score0.05144EPSS

CVE-2016-6939

Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vuln...

CVE-2016-6945

CVE-2016-6946

CVE-2016-6950

CVE-2016-6964

CVE-2016-6975

CVE•added 2016/10/13 8:0 p.m.•47 views

CVE-2016-6999

Integer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS9.7AI score0.13289EPSS

CVE•added 2016/10/13 8:0 p.m.•47 views

CVE-2016-7010