Vulnerabilities > Adobe > Acrobat Reader > 6.0.4
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-10-19 | CVE-2009-3462 | Remote vulnerability in RETIRED: Adobe Reader and Acrobat October 2009 Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug." Per: http://www.adobe.com/support/security/bulletins/apsb09-15.html This update resolves a Unix-only format bug when running in Debug mode that could lead to arbitrary code execution Per: http://www.adobe.com/support/security/bulletins/apsb09-15.html Adobe Reader Adobe Reader users on Windows can find the appropriate update here: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows. Adobe Reader users on Macintosh can find the appropriate update here: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Macintosh. Adobe Reader users on UNIX can find the appropriate update here: http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Unix. Acrobat Acrobat Standard and Pro users on Windows can find the appropriate update here: http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Windows. Acrobat Pro Extended users on Windows can find the appropriate update here: http://www.adobe.com/support/downloads/product.jsp?product=158&platform=Windows Acrobat 3D users on Windows can find the appropriate update here: http://www.adobe.com/support/downloads/product.jsp?product=112&platform=Windows. Acrobat Pro users on Macintosh can find the appropriate update here: http://www.adobe.com/support/downloads/product.jsp?product=1&platform=Macintosh. | 5.1 |
| 2009-10-19 | CVE-2009-3458 | Improper Input Validation vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2998. | 9.3 |
| 2009-10-19 | CVE-2009-2998 | Improper Input Validation vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-3458. | 9.3 |
| 2009-10-19 | CVE-2009-2997 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors. | 9.3 |
| 2009-10-19 | CVE-2009-2996 | Resource Management Errors vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2985. | 9.3 |
| 2009-10-19 | CVE-2009-2994 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors. | 9.3 |
| 2009-10-19 | CVE-2009-2993 | Improper Input Validation vulnerability in Adobe Acrobat and Acrobat Reader The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. | 9.3 |
| 2009-10-19 | CVE-2009-2992 | Improper Input Validation vulnerability in Adobe Acrobat and Acrobat Reader An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 does not properly validate input, which allows attackers to cause a denial of service via unknown vectors. | 4.3 |
| 2009-10-19 | CVE-2009-2991 | Remote vulnerability in RETIRED: Adobe Reader and Acrobat October 2009 Unspecified vulnerability in the Mozilla plug-in in Adobe Reader and Acrobat 8.x before 8.1.7, and possibly 7.x before 7.1.4 and 9.x before 9.2, might allow remote attackers to execute arbitrary code via unknown vectors. | 9.3 |
| 2009-10-19 | CVE-2009-2990 | Numeric Errors vulnerability in Adobe Acrobat and Acrobat Reader Array index error in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow attackers to execute arbitrary code via unspecified vectors. | 9.3 |