Vulnerabilities > Adobe

DATE CVE VULNERABILITY TITLE RISK
2013-02-14 CVE-2013-0640 Out-of-bounds Write vulnerability in multiple products
Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, as exploited in the wild in February 2013.
local
low complexity
adobe suse opensuse redhat CWE-787
7.8
2013-01-17 CVE-2013-0632 Incorrect Default Permissions vulnerability in Adobe Coldfusion
administrator.cfc in Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10 allows remote attackers to bypass authentication and possibly execute arbitrary code by logging in to the RDS component using the default empty password and leveraging this session to access the administrative web interface, as exploited in the wild in January 2013.
network
low complexity
adobe CWE-276
critical
9.8
2013-01-09 CVE-2013-0631 Unspecified vulnerability in Adobe Coldfusion 9.0/9.0.1/9.0.2
Adobe ColdFusion 9.0, 9.0.1, and 9.0.2 allows attackers to obtain sensitive information via unspecified vectors, as exploited in the wild in January 2013.
network
low complexity
adobe
7.5
2013-01-09 CVE-2013-0629 Unspecified vulnerability in Adobe Coldfusion
Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013.
network
low complexity
adobe
7.5
2013-01-09 CVE-2013-0625 Improper Authentication vulnerability in Adobe Coldfusion 9.0/9.0.1/9.0.2
Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013.
network
low complexity
adobe CWE-287
critical
9.8
2012-09-24 CVE-2012-5054 Integer Overflow or Wraparound vulnerability in Adobe Flash Player
Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments.
network
low complexity
adobe CWE-190
8.8
2012-08-15 CVE-2012-1535 Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content, as exploited in the wild in August 2012 with SWF content in a Word document.
local
low complexity
adobe redhat opensuse suse
7.8
2012-01-10 CVE-2011-4373 Out-of-bounds Write vulnerability in Adobe Acrobat
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372.
network
low complexity
adobe CWE-787
critical
9.8
2012-01-10 CVE-2011-4372 Out-of-bounds Write vulnerability in Adobe Acrobat
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373.
network
low complexity
adobe CWE-787
critical
9.8
2011-12-07 CVE-2011-2462 Out-of-bounds Write vulnerability in Adobe Acrobat
Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.
network
low complexity
adobe CWE-787
critical
9.8