Vulnerabilities > Adobe
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-08-18 | CVE-2009-1874 | Cross-Site Scripting vulnerability in Adobe Jrun 4.0 Multiple cross-site scripting (XSS) vulnerabilities in the Management Console in Adobe JRun 4.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
2009-08-18 | CVE-2009-1873 | Path Traversal vulnerability in Adobe Jrun 4.0 Directory traversal vulnerability in logging/logviewer.jsp in the Management Console in Adobe JRun Application Server 4 Updater 7 allows remote authenticated users to read arbitrary files via a .. | 4.0 |
2009-08-18 | CVE-2009-1872 | Cross-Site Scripting vulnerability in Adobe Coldfusion Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion Server 8.0.1, 8, and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to (2) wizards/common/_logintowizard.cfm, (3) wizards/common/_authenticatewizarduser.cfm, or (4) administrator/enter.cfm. | 4.3 |
2009-07-31 | CVE-2009-1870 | Information Exposure vulnerability in Adobe Air, Flash Player and Flex Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability." | 4.9 |
2009-07-31 | CVE-2009-1869 | Numeric Errors vulnerability in Adobe Air, Flash Player and Flex Integer overflow in the ActionScript Virtual Machine 2 (AVM2) abcFile parser in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an AVM2 file with a large intrf_count value that triggers a dereference of an out-of-bounds pointer. | 9.3 |
2009-07-31 | CVE-2009-1868 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Air, Flash Player and Flex Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors involving URL parsing. | 9.3 |
2009-07-31 | CVE-2009-1867 | Link Following vulnerability in Adobe Air, Flash Player and Flex Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to trick a user into (1) selecting a link or (2) completing a dialog, related to a "clickjacking vulnerability." | 4.3 |
2009-07-31 | CVE-2009-1866 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Air, Flash Player and Flex Stack-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors. | 9.3 |
2009-07-31 | CVE-2009-1865 | Multiple Security vulnerability in RETIRED: Adobe Flash Player and AIR Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors, related to a "null pointer vulnerability." | 9.3 |
2009-07-31 | CVE-2009-1864 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Air, Flash Player and Flex Heap-based buffer overflow in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unspecified vectors. | 9.3 |