Vulnerabilities > Adobe

DATE CVE VULNERABILITY TITLE RISK
2013-01-09 CVE-2013-0629 Unspecified vulnerability in Adobe Coldfusion
Adobe ColdFusion 9.0, 9.0.1, 9.0.2, and 10, when a password is not configured, allows attackers to access restricted directories via unspecified vectors, as exploited in the wild in January 2013.
network
low complexity
adobe
7.5
2013-01-09 CVE-2013-0625 Improper Authentication vulnerability in Adobe Coldfusion 9.0/9.0.1/9.0.2
Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013.
network
low complexity
adobe CWE-287
critical
9.8
2012-09-24 CVE-2012-5054 Integer Overflow or Wraparound vulnerability in Adobe Flash Player
Integer overflow in the copyRawDataTo method in the Matrix3D class in Adobe Flash Player before 11.4.402.265 allows remote attackers to execute arbitrary code via malformed arguments.
network
low complexity
adobe CWE-190
8.8
2012-08-15 CVE-2012-1535 Unspecified vulnerability in Adobe Flash Player before 11.3.300.271 on Windows and Mac OS X and before 11.2.202.238 on Linux allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted SWF content, as exploited in the wild in August 2012 with SWF content in a Word document.
local
low complexity
adobe redhat opensuse suse
7.8
2012-01-10 CVE-2011-4373 Out-of-bounds Write vulnerability in Adobe Acrobat
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4372.
network
low complexity
adobe CWE-787
critical
9.8
2012-01-10 CVE-2011-4372 Out-of-bounds Write vulnerability in Adobe Acrobat
Adobe Reader and Acrobat before 9.5, and 10.x before 10.1.2, on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-4370 and CVE-2011-4373.
network
low complexity
adobe CWE-787
critical
9.8
2011-12-07 CVE-2011-2462 Out-of-bounds Write vulnerability in Adobe Acrobat
Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.
network
low complexity
adobe CWE-787
critical
9.8
2011-04-13 CVE-2011-0611 Type Confusion vulnerability in multiple products
Adobe Flash Player before 10.2.154.27 on Windows, Mac OS X, Linux, and Solaris and 10.2.156.12 and earlier on Android; Adobe AIR before 2.6.19140; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader 9.x before 9.4.4 and 10.x through 10.0.1 on Windows, Adobe Reader 9.x before 9.4.4 and 10.x before 10.0.3 on Mac OS X, and Adobe Acrobat 9.x before 9.4.4 and 10.x before 10.0.3 on Windows and Mac OS X allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content; as demonstrated by a Microsoft Office document with an embedded .swf file that has a size inconsistency in a "group of included constants," object type confusion, ActionScript that adds custom functions to prototypes, and Date objects; and as exploited in the wild in April 2011.
network
low complexity
adobe google suse opensuse CWE-843
8.8
2011-03-15 CVE-2011-0609 Unspecified vulnerability in Adobe Flash Player 10.2.154.13 and earlier on Windows, Mac OS X, Linux, and Solaris; 10.1.106.16 and earlier on Android; Adobe AIR 2.5.1 and earlier; and Authplay.dll (aka AuthPlayLib.bundle) in Adobe Reader and Acrobat 9.x through 9.4.2 and 10.x through 10.0.1 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Flash content, as demonstrated by a .swf file embedded in an Excel spreadsheet, and as exploited in the wild in March 2011.
local
low complexity
adobe opensuse suse google
7.8
2010-09-09 CVE-2010-2883 Out-of-bounds Write vulnerability in Adobe Acrobat and Acrobat Reader
Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a PDF document with a long field in a Smart INdependent Glyphlets (SING) table in a TTF font, as exploited in the wild in September 2010.
local
low complexity
adobe CWE-787
7.3