Vulnerabilities > Adobe > Acrobat > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2009-10-19 | CVE-2009-2993 | Improper Input Validation vulnerability in Adobe Acrobat and Acrobat Reader The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. | 9.3 |
| 2009-10-19 | CVE-2009-2994 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors. | 9.3 |
| 2009-10-19 | CVE-2009-2996 | Resource Management Errors vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2985. | 9.3 |
| 2009-10-19 | CVE-2009-2997 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors. | 9.3 |
| 2009-10-19 | CVE-2009-2998 | Improper Input Validation vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-3458. | 9.3 |
| 2009-10-19 | CVE-2009-3458 | Improper Input Validation vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2998. | 9.3 |
| 2009-10-19 | CVE-2009-3460 | Resource Management Errors vulnerability in Adobe Acrobat Adobe Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. | 9.3 |
| 2009-10-19 | CVE-2009-3461 | Permissions, Privileges, and Access Controls vulnerability in Adobe Acrobat Unspecified vulnerability in Adobe Acrobat 9.x before 9.2 allows attackers to bypass intended file-extension restrictions via unknown vectors. | 9.3 |
| 2009-10-13 | CVE-2009-3459 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat, Acrobat Reader and Reader Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. | 9.3 |
| 2009-07-23 | CVE-2009-1862 | Code Injection vulnerability in Adobe Acrobat, Acrobat Reader and Flash Player Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009. | 9.3 |