Vulnerabilities > Adobe > Acrobat Reader

DATE CVE VULNERABILITY TITLE RISK
2009-07-23 CVE-2009-1862 Out-of-bounds Write vulnerability in Adobe Acrobat, Acrobat Reader and Flash Player
Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009.
local
low complexity
adobe CWE-787
7.8
2009-02-20 CVE-2009-0658 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader
Buffer overflow in Adobe Reader 9.0 and earlier, and Acrobat 9.0 and earlier, allows remote attackers to execute arbitrary code via a crafted PDF document, related to a non-JavaScript function call and possibly an embedded JBIG2 image stream, as exploited in the wild in February 2009 by Trojan.Pidief.E.
local
low complexity
adobe CWE-119
7.8
2008-11-04 CVE-2008-2992 Out-of-bounds Write vulnerability in multiple products
Stack-based buffer overflow in Adobe Acrobat and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a PDF file that calls the util.printf JavaScript function with a crafted format string argument, a related issue to CVE-2008-1104.
local
low complexity
adobe oracle CWE-787
7.8
2008-02-12 CVE-2007-5659 Classic Buffer Overflow vulnerability in Adobe Acrobat
Multiple buffer overflows in Adobe Reader and Acrobat 8.1.1 and earlier allow remote attackers to execute arbitrary code via a PDF file with long arguments to unspecified JavaScript methods.
local
low complexity
adobe CWE-120
7.8
2008-02-07 CVE-2008-0655 Unspecified vulnerability in Adobe Acrobat
Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors.
network
low complexity
adobe
critical
9.8
2005-06-15 CVE-2005-1306 XXE vulnerability in Adobe Acrobat and Acrobat Reader
The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulnerability."
network
low complexity
adobe CWE-611
7.5