Acrobat Security Vulnerabilities and Issues — Page 25 of Acrobat CVE List

CVE-2016-1126

Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

CVE-2016-4096

CVE-2016-4103

CVE-2016-4104

cve•added 2016/10/13 7:59 p.m.•50 views

CVE-2016-6966

Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors...

cve•added 2016/10/13 7:59 p.m.•50 views

CVE-2016-6967

Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vu...

10CVSS9.8AI score0.0216EPSS

10CVSS9.8AI score0.0216EPSS

CVE-2016-6993

CVE-2016-7001

CVE-2016-7008

CVE-2016-7009

CVE-2016-7016

CVE-2016-7017

cve•added 2018/02/27 5:29 a.m.•50 views

CVE-2018-4888

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability. The vulnerability is triggered by a crafted PDF file that can cause a m...

8.8CVSS9.2AI score0.0267EPSS

cve•added 2018/02/27 5:29 a.m.•50 views

CVE-2018-4894

An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of t...

6.5CVSS7.5AI score0.01979EPSS

cve•added 2005/06/15 4:0 a.m.•49 views

CVE-2005-1306

The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulnerability."

7.5CVSS7.5AI score0.16058EPSS

cve•added 2009/10/19 10:30 p.m.•49 views

CVE-2009-3460

Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.

9.3CVSS7.8AI score0.22185EPSS

cve•added 2010/04/14 4:0 p.m.•49 views

CVE-2010-0192

Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0193 and CVE-2010-0196.

9.3CVSS9.6AI score0.41095EPSS

cve•added 2010/04/14 4:0 p.m.•49 views

CVE-2010-0193

9.3CVSS9.6AI score0.41095EPSS

cve•added 2010/04/14 4:0 p.m.•49 views

CVE-2010-0198

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-0199, CVE-2010-0202, and CVE-2010-0203.

9.3CVSS7.6AI score0.26977EPSS

cve•added 2014/09/17 10:55 a.m.•49 views

CVE-2014-0560

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS7.5AI score0.15201EPSS

cve•added 2014/09/17 10:55 a.m.•49 views

CVE-2014-0562

Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)."

4.3CVSS5.2AI score0.00649EPSS

cve•added 2014/12/10 9:59 p.m.•49 views

CVE-2014-8455

Use-after-free vulnerability in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-8454 and CVE-2014-9165.

10CVSS7.4AI score0.2145EPSS

cve•added 2014/12/10 9:59 p.m.•49 views

CVE-2014-8458

Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2014-8445, CVE-2014-8446, CVE-2014-8447, CVE-2014-8456, CVE...

10CVSS7.6AI score0.27545EPSS

cve•added 2015/07/15 2:59 p.m.•49 views

CVE-2015-5096

Heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.15 and 11.x before 11.0.12, Acrobat and Acrobat Reader DC Classic before 2015.006.30060, and Acrobat and Acrobat Reader DC Continuous before 2015.008.20082 on Windows and OS X allows attackers to execute arbitrary code via unsp...

10CVSS7.9AI score0.04398EPSS

cve•added 2015/10/14 11:59 p.m.•49 views

CVE-2015-6688

6.8CVSS7.1AI score0.05379EPSS

cve•added 2016/05/11 10:59 a.m.•49 views

CVE-2016-1078

CVE-2016-1116

CVE-2016-1118

CVE-2016-1128

10CVSS9.8AI score0.12444EPSS

CVE-2016-4092

Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vuln...

CVE-2016-4099

CVE-2016-4105

10CVSS9.8AI score0.05144EPSS

CVE-2016-6939

Heap-based buffer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vuln...

CVE-2016-6941

10CVSS9.3AI score0.11345EPSS

CVE-2016-6957

Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allow attackers to bypass JavaScript API execution restrictions via unspecified vectors.

10CVSS9.8AI score0.0216EPSS

CVE-2016-6971

cve•added 2016/10/13 8:0 p.m.•49 views

CVE-2016-6999

Integer overflow in Adobe Reader and Acrobat before 11.0.18, Acrobat and Acrobat Reader DC Classic before 15.006.30243, and Acrobat and Acrobat Reader DC Continuous before 15.020.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors.

10CVSS9.7AI score0.13289EPSS

cve•added 2016/10/13 8:0 p.m.•49 views

CVE-2016-7010

cve•added 2016/10/13 8:0 p.m.•49 views

CVE-2016-7011

cve•added 2021/09/29 4:15 p.m.•49 views

CVE-2021-39842

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a use-after-free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interactio...

7.8CVSS7.6AI score0.56988EPSS

cve•added 2021/09/29 4:15 p.m.•49 views

CVE-2021-39843

Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user inte...

7.8CVSS7.7AI score0.31328EPSS

cve•added 2024/08/14 3:15 p.m.•49 views

CVE-2024-39422

Acrobat Reader versions 20.005.30636, 24.002.20965, 24.002.20964, 24.001.30123 and earlier are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open...

7.8CVSS7.8AI score0.00081EPSS

cve•added 2024/08/14 3:15 p.m.•49 views

CVE-2024-39424

7.8CVSS7.8AI score0.00081EPSS

cve•added 2003/06/16 4:0 a.m.•48 views

CVE-2003-0284

Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus.

7.5CVSS6.7AI score0.01224EPSS

cve•added 2008/09/15 3:14 p.m.•48 views

CVE-2008-4071

A certain ActiveX control in Adobe Acrobat 9, when used with Microsoft Windows Vista and Internet Explorer 7, allows remote attackers to cause a denial of service (browser crash) via an src property value with an invalid acroie:// URL.

5CVSS6.5AI score0.01699EPSS

cve•added 2011/02/10 6:0 p.m.•48 views

CVE-2011-0565

Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0585.

9.3CVSS7.7AI score0.06784EPSS

cve•added 2016/05/11 10:59 a.m.•48 views

CVE-2016-1085