76 matches found
CVE-2014-8451
CVE-2014-8451 concerns Adobe Reader/Acrobat 10.x (before 10.1.13) and 11.x (before 11.0.10) on Windows and OS X. The issue is an information-disclosure vulnerability arising from an improper implementation of a JavaScript API within the product. A remote attacker could lure a user to open a speci...
CVE-2015-3046
Technical details for CVE-2015-3046 are not publicly provided in the connected documents. Monitor for updates from vendors; no specifics on affected products, versions, impact, or fixes are included here.
CVE-2015-3060
Technical details about CVE-2015-3060 are not provided in the connected documents; no affected products, root cause, or fixes are disclosed. Monitor for updates.
CVE-2008-5112
The CVE describes an LDAP authentication behavior in Microsoft Windows 2000 SP4 and Server 2003 SP1/SP2, where the Active Directory LDAP server responds differently to failed binds based on whether the user exists and is allowed to login. This enables remote attackers to enumerate valid usernames...
CVE-2010-3889
Technical details (affected products, components, versions, root cause, and exploit information) are not publicly provided in the connected documents. Monitor for updates.
CVE-2015-3049
CVE-2015-3049 is a memory-disclosure flaw in the OpenType/Type 1 Charstring interpreter (transient array) that can leak uninitialized memory. Connected sources colocate this with Adobe Reader (CoolType) and Windows font engines (DirectWrite/WPF), indicating a cross-product issue in the font raste...
CVE-2016-4534
The CVE-2016-4534 entry concerns McAfee VirusScan Enterprise
CVE-2010-3888
CVE-2010-3888 concerns an unspecified local privilege escalation in 32-bit Windows, exploited in the wild by Stuxnet in July 2010. The initial description notes a privilege gain via unknown vectors and does not specify affected versions beyond 32-bit Windows; no concrete root cause, vulnerable co...
CVE-2015-3059
Adobe Acrobat/Reader vulnerable to a use-after-free in memory handling that could allow arbitrary code execution through a crafted PDF. Affected products: Adobe Acrobat/Reader 10.x (before 10.1.14) and 11.x (before 11.0.11) on Windows and macOS. Root cause: use-after-free in object handling. Reme...
CVE-2014-9159
CVE-2014-9159 is a heap-based buffer overflow in Adobe Reader and Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and macOS, enabling arbitrary code execution via unspecified vectors. The issue is documented as part of Adobe’s APSB14-28 advisories and is intertwined with related CV...
CVE-2014-8456
CVE-2014-8456 affects Adobe Reader/Acrobat on Windows and macOS. The issue is a memory corruption vulnerability in the PDF parsing path, allowing a remote attacker to execute arbitrary code or cause a crash when a user opens a specially crafted PDF. Affected versions include Adobe Reader and Acro...
CVE-2016-1715
CVE-2016-1715 affects the McAfee Application Control (MAC) kernel driver swin.sys on 32‑bit Windows. The issue is a memory corruption condition triggered by handling a 768 syscall, where a zero can be written to an arbitrary kernel memory location. This enables local attackers to cause a denial o...
CVE-2014-8453
CVE-2014-8453 affects Cisco? (no) Actually affected product is Adobe Reader/Acrobat. The connected documents confirm that Adobe Reader/Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 on Windows and OS X are vulnerable. The underlying issue is a same-origin policy bypass, with exploit vectors ...
CVE-2016-4158
Adobe Creative Cloud Desktop on Windows prior to 3.7.0.272 is affected by CVE-2016-4158 (unquoted Windows search path) allowing local privilege escalation via a Trojan horse executable in %SYSTEMDRIVE%. Related CVE-2016-4157 affects installer search paths. The issue is addressed by the APSB16-21 ...
CVE-2014-8447
CVE-2014-8447 is a memory corruption vulnerability reported in Adobe Reader and Acrobat. The issue arises when parsing a corrupted PDF file, per advisories APSB14-28 and related CPAI entries. A remote attacker may exploit this by enticing a target user to open a specially crafted PDF file, potent...
CVE-2014-8449
CVE-2014-8449 is an integer overflow in Adobe Reader/Acrobat 10.x before 10.1.13 and 11.x before 11.0.10 that can allow arbitrary code execution via unspecified vectors. OpenVAS/Nessus entries corroborate multiple vulnerabilities in Acrobat/Reader around APSB14-28, with fixed versions cited as 10...
CVE-2014-8459
CVE-2014-8459 corresponds to a memory corruption vulnerability in Adobe Reader and Acrobat (APSB14-28). Based on connected advisories, the issue arises from incorrect memory handling while parsing a corrupted PDF file, allowing a remote attacker to entice a target user to open a crafted PDF and p...
CVE-2014-8455
Adobe Acrobat/Reader (Windows and macOS) are affected by a use-after-free vulnerability in memory object handling, leading to arbitrary code execution when a user opens a specially crafted PDF. Affected products: Acrobat/Reader 10.x prior to 10.1.13 and 11.x prior to 11.0.10. The issue is trigger...
CVE-2014-9165
Adobe Reader and Acrobat are affected by a use-after-free vulnerability in memory handling of objects, exploited via specially crafted PDFs to achieve arbitrary code execution. Affected products: Adobe Reader and Acrobat 10.x prior to 10.1.13 and 11.x prior to 11.0.10 on Windows and macOS. Root c...
CVE-2008-6194
CVE-2008-6194 is a memory-leak vulnerability in the Microsoft Windows DNS server that can be exploited remotely via DNS packets to cause a denial of service through memory consumption. The issue is noted as stemming from an incorrect fix for CVE-2007-3898. The connected documents do not specify a...
CVE-2014-8458
Adobe Reader and Acrobat (Windows and macOS) are affected by CVE-2014-8458, a memory-corruption flaw in PDF parsing that can lead to arbitrary code execution or a denial of service when processing a specially crafted PDF. The vulnerability is addressed in the Adobe APSB14-28 advisory family (APSB...
CVE-2014-8460
Adobe Reader/Acrobat is affected by CVE-2014-8460 (APSB14-28): a heap-based buffer overflow in the font data parsing path caused by the number of subroutines for an embedded font exceeding the subroutine array size, leading to a crash and potential arbitrary code execution. The issue is documente...
CVE-2014-8457
CVE-2014-8457 affects Adobe Reader/Acrobat on Windows and macOS, with a heap-based buffer overflow in the PDF parsing path of 10.x until 10.1.13 and 11.x until 11.0.10. The issue enables remote code execution via crafted PDF files (unspecified vectors). Connected advisories confirm this as a PDF ...
CVE-2014-8461
CVE-2014-8461 affects Adobe Reader/Acrobat on Windows and macOS (10.x before 10.1.13 and 11.x before 11.0.10). The issue is a memory corruption vulnerability caused by incorrect memory buffer allocation while parsing a corrupted PDF file; a remote attacker could exploit this by enticing a user to...
CVE-2011-3310
CVE-2011-3310 affects CiscoWorks Common Services for Microsoft Windows (pre-4.1). The Home Page component allows an authenticated remote attacker to execute arbitrary commands via a crafted URL, with system administrator privileges on the affected host. The vulnerability impacts multiple CiscoWor...
CVE-2014-7237
CVE-2014-7237 affects lib/TWiki/Sandbox.pm in TWiki 6.0.0 and earlier on Windows. A remote attacker can bypass access restrictions and upload files with restricted names by exploiting a null byte (%00) in a filename to bin/upload.cgi, with demonstration via an .htaccess mechanism to execute arbit...