CVE-2023-21582

CVE-2023-21582 (Adobe Digital Editions) : Affected are Adobe Digital Editions 4.5.11.187303 and earlier. The issue is an out-of-bounds write in handling untrusted input that could lead to arbitrary code execution in the context of the current user. Exploitation requires the victim to open a malic...

CVE-2017-3095

Adobe Digital Editions 4.5.4 and earlier are affected by CVE-2017-3095 due to a memory corruption vulnerability in the PDF parsing engine that could lead to arbitrary code execution. Public sources (NVD) assign a CRITICAL impact (CVSS v3: 9.8) with network attack vector, no user interaction, and ...

CVE-2019-7095

Adobe Digital Editions is affected by CVE-2019-7095, a heap overflow in versions 4.5.10.185749 and earlier. The vulnerability could allow arbitrary code execution on exploitation. Remediation: update to 4.5.10.186048 (per THN ThreatPost and Red Hat/NVD references). The linked reports confirm the ...

CVE-2016-0954

CVE-2016-0954 affects Adobe Digital Editions prior to 4.5.1. The vulnerability allows attackers to execute arbitrary code or cause a denial of service through memory corruption, via unspecified vectors. Connected advisories and scans (APSB16-06) indicate the issue across Windows and macOS; remedi...

CVE-2020-3759

Adobe Digital Editions (Windows): CVE-2020-3759 is a buffer overflow (buffer errors) vulnerability in versions 4.5.10 and earlier that could disclose information; CVE-2020-3760 is a command-injection flaw in the same pre-4.5.11 range that could allow arbitrary code execution. The issues are addre...

CVE-2017-2980

CVE-2017-2980 affects Adobe Digital Editions 4.5.3 and earlier due to an exploitable buffer over-read, potentially leading to information disclosure. The related Nessus advisories (APSB17-05) indicate fixes in version 4.5.4 (and later). No exploitation status is provided in the supplied documents.

CVE-2013-1377

Adobe Digital Editions 2.x before 2.0.1 is affected by a memory corruption vulnerability in rmsdk_wrapper.dll when handling embedded font streams in PDFs, potentially allowing arbitrary code execution or memory corruption DoS. Public details from the advisories indicate that patches are available...

CVE-2017-2973

Adobe Digital Editions

CVE-2017-11273

CVE-2017-11273 affects Adobe Digital Editions 4.5.6 and earlier, where parsing crafted XML files in an unsafe manner can lead to sensitive information disclosure. Connected sources confirm the issue is tied to XML parsing, with remediation advised by APSB17-39 to update to 4.5.7 or newer. Impact ...

CVE-2017-11274

CVE-2017-11274 affects Adobe Digital Editions 4.5.4 and earlier. The vulnerability is a use-after-free in the DE component, with exploitation able to cause arbitrary code execution. Public sources in the Connected documents confirm multiple vendors/tools reference this CVE as part of the APSB17-2...

CVE-2017-11280

CVE-2017-11280 is a memory corruption vulnerability in Adobe Digital Editions 4.5.4 and earlier that could allow arbitrary code execution upon successful exploitation. The connected documents confirm the impact (arbitrary code execution) and the vulnerable version range, with remediation guidance...

CVE-2020-3760

CVE-2020-3760 affects Adobe Digital Editions versions 4.5.10 and below, where a command-injection flaw could lead to arbitrary code execution. Root cause: improper handling of input data enabling shell execution. Impact per sources: high-severity, with potential for full compromise of the affecte...

CVE-2017-3092

CVE-2017-3092: Adobe Digital Editions 4.5.4 and earlier are affected by an insecure library loading vulnerability in the installer plugin, potentially allowing arbitrary code execution. Connected advisories (APSB17-20) indicate additional related CVEs (e.g., 3088, 3089, 3093, 3096, 3097) and conf...

CVE-2017-3094

Adobe Digital Editions

CVE-2014-0494

CVE-2014-0494 affects Adobe Digital Editions 2.0.1 across Windows and macOS, where memory corruption can be triggered by unspecified vectors, enabling arbitrary code execution or a denial of service (application crash). The vulnerability is documented in APSB14-03 and patched in newer releases (e...

CVE-2017-11276

CVE-2017-11276 is a memory corruption vulnerability in Adobe Digital Editions 4.5.4 and earlier that could allow arbitrary code execution on affected systems. Connected sources (APSB17-27) list multiple flaws in the same product family and confirm affected versions before 4.5.6; remediation is to...

CVE-2017-2975

CVE-2017-2975 refers to a buffer over-read in Adobe Digital Editions 4.5.3 and earlier that can lead to information disclosure. The connected sources confirm ADE is affected by multiple buffer-related vulnerabilities; CVE-2017-2975 specifically addresses the over-read vector. Practical impact in ...

CVE-2017-3088

Adobe Digital Editions 4.5.4 and earlier contains an exploitable memory corruption vulnerability in the PDF runtime engine (CVE-2017-3088) that could allow arbitrary code execution. Impact is high/remote code execution with no user interaction required. APSB17-20 advises upgrading to version 4.5....

CVE-2017-11277

CVE-2017-11277 : Adobe Digital Editions 4.5.4 and earlier suffer a memory corruption vulnerability that could lead to arbitrary code execution. Affected products include Digital Editions 4.5.4 and earlier; platforms mentioned in connected docs include Windows/macOS. Root cause: memory corruption/...

CVE-2021-39826

Adobe Digital Editions 4.5.11.187646 (and earlier) are affected by an arbitrary command execution vulnerability (CVE-2021-39826). An authenticated attacker could execute commands by convincing a user to open a malicious .epub file; user interaction is required. The issue is cited across multiple ...

CVE-2016-4258

Adobe Digital Editions before 4.5.2 is affected by multiple vulnerabilities (CVE-2016-4258 family) that allow arbitrary code execution or memory corruption via unspecified vectors. The issue is documented as a single CVE entry that references related CVEs (e.g., CVE-2016-4256/4257/4259/4260/4261/...

CVE-2017-3089

Adobe Digital Editions (Windows/macOS)

CVE-2017-3090

CVE-2017-3090 affects Adobe Digital Editions 4.5.4 and earlier, due to insecure library loading in the installer plugin, enabling arbitrary code execution. Multiple Nessus entries for ADE (Windows/macOS) corroborate that versions prior to 4.5.5 are affected (APSB17-20). Remediation is to update t...

CVE-2017-3091

Adobe Digital Editions 4.5.4 and earlier versions are affected by a memory corruption vulnerability (CVE-2017-3091) that could lead to arbitrary code execution. The connected Nessus entries corroborate multiple vulnerabilities in ADE and reference a security update APSB17-27 advising remediation ...

CVE-2017-11298

Adobe Digital Editions 4.5.6 and earlier are affected by a memory corruption vulnerability (CVE-2017-11298) that could disclose memory addresses. The issue is part of multiple vulnerabilities documented in APSB17-39, affecting Windows, macOS, iOS, and Android. Affected component: Digital Editions...

CVE-2017-11301

Adobe Digital Editions 4.5.6 and earlier is affected by CVE-2017-11301 due to a memory corruption vulnerability that could disclose memory addresses. The issue applies across multiple platforms as noted in APSB17-39, with affected versions including Windows and macOS clients before 4.5.7. The roo...

CVE-2018-12813

Adobe Digital Editions 4.5.8 and earlier are affected by a set of heap-based vulnerabilities (notably CVE-2018-12813, CVE-2018-12814, CVE-2018-12822, CVE-2018-12823) that could allow arbitrary code execution. Connected advisories (APSB18-27) describe additional issues in the same release line: ou...

CVE-2017-11272

CVE-2017-11272 is a security bypass in Adobe Digital Editions up to version 4.5.4 (and earlier). Public references in the provided documents confirm the vulnerability exists in ADE and allows bypass of security controls without specifying exploit vectors. Connected sources (Nessus/OpenVAS entries...

CVE-2017-2976

CVE-2017-2976 affects Adobe Digital Editions versions 4.5.3 and earlier. It is a buffer over-read vulnerability that, when exploited, can lead to information disclosure. The provided documents confirm the vulnerable product/version and the nature of the vulnerability; no exploit status or additio...

CVE-2021-21100

Adobe Digital Editions 4.5.11.187245 and earlier are affected by a Privilege Escalation vulnerability during installation that allows arbitrary file system writes in the context of the current user. Exploitation requires user interaction (victim must open a malicious file). The issue is tracked a...

CVE-2017-11275

CVE-2017-11275 refers to a heap overflow in Adobe Digital Editions 4.5.4 and earlier that could allow arbitrary code execution upon exploitation. The connected Nessus/OpenVAS entries corroborate that this family of issues affected Adobe Digital Editions prior to 4.5.6 and was part of the APSB17-2...

CVE-2017-11297

Adobe Digital Editions

CVE-2017-2978

CVE-2017-2978 affects Adobe Digital Editions versions 4.5.3 and earlier, describing an exploitable buffer over-read that could lead to information disclosure. The related connected documents corroborate a memory-read vulnerability in Adobe Digital Editions (Windows/macOS) prior to 4.5.4/4.5.3 dep...

CVE-2017-2979

CVE-2017-2979 affects Adobe Digital Editions 4.5.3 and earlier. The vulnerability is a buffer over-read in the product, which could allow an attacker to disclose information. The provided documents do not specify remediation steps or patched versions; no exploit details are given beyond the gener...

CVE-2017-3093

Adobe Digital Editions 4.5.4 and earlier contain a memory corruption vulnerability in the bitmap representation module that could lead to arbitrary code execution. This is documented in CVE-2017-3093 and referenced alongside APSB17-20; affected platforms include Windows and macOS. Remediation: up...

CVE-2017-3097

Adobe Digital Editions 4.5.4 and earlier are vulnerable to an insecure library loading vulnerability in the installer plugin (CVE-2017-3097), which could allow arbitrary code execution. The issue is documented in the NVD entry for CVE-2017-3097 and is referenced by other APSB17-20 advisories noti...

CVE-2014-8068

CVE-2014-8068 affects Adobe Digital Editions 4.x. The issue is information disclosure: DE 4 does not encrypt data transmitted to adelogs.adobe.com, enabling network sniffing of sensitive information (e.g., book-navigation data). Affected platforms include Windows and macOS; older than 4.0.1 build...

CVE-2016-4261

Technical details about CVE-2016-4261 (affected product, vulnerable component, impact, and fixes) are not provided in the connected documents. Monitor for updates from credible sources as more details may be published.

CVE-2016-6980

Adobe Digital Editions prior to 4.5.2 contains CVE-2016-6980, a use-after-free vulnerability that allows attackers to execute arbitrary code via unspecified vectors. Affected product/version: Adobe Digital Editions

CVE-2017-11299

Adobe Digital Editions 4.5.6 and earlier are affected by a memory corruption flaw (CVE-2017-11299) that could disclose memory addresses. Affected component: Adobe Digital Editions software. Root cause: exploitable memory corruption. Impact: potential disclosure of memory addresses. Remediation: u...

CVE-2017-11300

Adobe Digital Editions

CVE-2017-2974

Adobe Digital Editions (Windows/macOS) prior to 4.5.4 is affected by a buffer over-read leading to information disclosure (CVE-2017-2974). Affected product/version: 4.5.3 and earlier. Root cause per sources: exploitable overflow/over-read vulnerability in the 4.5.3 and earlier builds. Impact stat...

CVE-2020-3798

CVE-2020-3798 affects Adobe Digital Editions, specifically version 4.5.11.187212 and earlier on Windows, which is vulnerable to a file enumeration (host or local network) flaw that could lead to information disclosure. The root cause is information-disclosure via file enumeration within the appli...

CVE-2016-4263

Affected software: Adobe Digital Editions prior to 4.5.2. Vulnerability type / root cause: Use-after-free vulnerability in the Adobe Digital Editions code path, leading to potential arbitrary code execution. CVE reference: CVE-2016-4263 (and related entries such as CVE-2016-6980 describe the same...

CVE-2017-11278

Adobe Digital Editions 4.5.4 and earlier are affected by CVE-2017-11278 (memory corruption vulnerability). Successful exploitation could lead to arbitrary code execution. The connected advisories indicate this was part of APSB17-27 with remediation guidance to upgrade to 4.5.6 or newer on Windows...

CVE-2017-11279

Adobe Digital Editions 4.5.4 and earlier are affected by a use-after-free vulnerability (CVE-2017-11279) that could allow arbitrary code execution. The issue is documented across multiple sources (NVD entry for CVE-2017-11279 and Nessus/OpenVAS advisories) and is part of a set of vulnerabilities ...

CVE-2017-2981

Summary: CVE-2017-2981 affects Adobe Digital Editions 4.5.3 and earlier. A buffer over-read could disclose memory contents. Other connected sources associate this CVE with a set of related heap/buffer overflows in the same 4.5.3 era. Root cause: buffer over-read in the affected code path. Impact ...

CVE-2016-4256

Adobe Digital Editions before 4.5.2 is affected by multiple vulnerabilities, including memory corruption and arbitrary code execution via unspecified vectors (CVE-2016-4256 among others). The macOS Nessus plugin APSB16-28 references these issues and notes use-after-free/memory-corruption variants...

CVE-2017-2977

CVE-2017-2977 : Adobe Digital Editions 4.5.3 and earlier contain an exploitable buffer over-read that could disclose memory information. This is corroborated by the NVD entry and multiple scanners in the connected documents. The underlying issue is a buffer over-read in Adobe Digital Editions pri...

CVE-2017-3096

Adobe Digital Editions versions 4.5.4 and earlier are affected by a memory corruption vulnerability in the character code mapping module that could enable arbitrary code execution on successful exploitation. The issue is triggered in the PDF runtime/imaging/character mapping stack (as described a...