Vulnerabilities > Adobe

DATE CVE VULNERABILITY TITLE RISK
2005-07-07 CVE-2005-1841 Unspecified vulnerability in Adobe Acrobat Reader 5.0.10/5.0.9
The control for Adobe Reader 5.0.9 and 5.0.10 on Linux, Solaris, HP-UX, and AIX creates temporary files with the permissions as specified in a user's umask, which could allow local users to read PDF documents of that user if the umask allows it.
local
low complexity
adobe
2.1
2005-07-05 CVE-2005-1625 Unspecified vulnerability in Adobe Acrobat Reader 5.0.10/5.0.9
Stack-based buffer overflow in the UnixAppOpenFilePerform function in Adobe Reader 5.0.9 and 5.0.10 for Unix allows remote attackers to execute arbitrary code via a PDF document with a long /Filespec tag.
network
low complexity
adobe
5.0
2005-06-15 CVE-2005-1306 XXE vulnerability in Adobe Acrobat and Acrobat Reader
The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulnerability."
network
low complexity
adobe CWE-611
7.5
2005-06-13 CVE-2005-0151 Unspecified vulnerability in Adobe Creative Suite, Photoshop and Premiere
Unknown vulnerability in the installation of Adobe License Management Service, as used in Adobe Photoshop CS, Adobe Creative Suite 1.0, and Adobe Premiere Pro 1.5, allows attackers to gain administrator privileges.
network
low complexity
adobe
7.5
2005-05-17 CVE-2005-1307 Local Privilege Escalation vulnerability in Adobe Version Cue
The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory.
local
low complexity
adobe apple
7.2
2005-05-02 CVE-2005-0492 Improper Input Validation vulnerability in Adobe Acrobat Reader 6.0.3/7.0
Adobe Acrobat Reader 6.0.3 and 7.0.0 allows remote attackers to cause a denial of service (application crash) via a PDF file that contains a negative Count value in the root page node.
network
high complexity
adobe CWE-20
2.6
2005-05-02 CVE-2005-0035 Information Disclosure vulnerability in Adobe Acrobat Reader ActiveX Control LoadFile
The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and earlier, when used with Internet Explorer, allows remote attackers to determine the existence of arbitrary files via the LoadFile ActiveX method.
network
high complexity
adobe
5.1
2005-01-10 CVE-2004-1153 Denial-Of-Service vulnerability in Adobe Acrobat Reader 6.0/6.0.2/8.0
Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an .ETD document containing format string specifiers in (1) title or (2) baseurl fields.
network
low complexity
adobe
critical
10.0
2005-01-10 CVE-2004-1152 Unspecified vulnerability in Adobe Acrobat Reader 5.0.9
Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary code via an e-mail message with a crafted PDF attachment.
network
low complexity
adobe
critical
10.0
2004-10-12 CVE-2004-1598 Remote Access Validation vulnerability in Adobe Acrobat Reader
Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read arbitrary files via a PDF file that contains an embedded Shockwave (swf) file that references files outside of the temporary directory.
network
low complexity
adobe
5.0