Vulnerabilities > Adobe

DATE CVE VULNERABILITY TITLE RISK
2005-05-02 CVE-2005-0035 Information Disclosure vulnerability in Adobe Acrobat Reader ActiveX Control LoadFile
The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and earlier, when used with Internet Explorer, allows remote attackers to determine the existence of arbitrary files via the LoadFile ActiveX method.
network
high complexity
adobe
5.1
2005-01-10 CVE-2004-1153 Denial-Of-Service vulnerability in Adobe Acrobat Reader 6.0/6.0.2/8.0
Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an .ETD document containing format string specifiers in (1) title or (2) baseurl fields.
network
low complexity
adobe
critical
10.0
2005-01-10 CVE-2004-1152 Unspecified vulnerability in Adobe Acrobat Reader 5.0.9
Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary code via an e-mail message with a crafted PDF attachment.
network
low complexity
adobe
critical
10.0
2004-10-12 CVE-2004-1598 Remote Access Validation vulnerability in Adobe Acrobat Reader
Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read arbitrary files via a PDF file that contains an embedded Shockwave (swf) file that references files outside of the temporary directory.
network
low complexity
adobe
5.0
2004-09-28 CVE-2004-0629 Buffer Overflow vulnerability in Adobe Acrobat/Acrobat Reader ActiveX Control URI Request Heap
Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and possibly other versions, allows remote attackers to execute arbitrary code via a URI for a PDF file with a null terminator (%00) followed by a long string.
network
low complexity
adobe
7.5
2004-08-18 CVE-2004-0631 Buffer Overflow vulnerability in Adobe Acrobat Reader For Unix UUDecode
Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via a long filename for the PDF file that is provided to the uudecode command.
network
low complexity
adobe
critical
10.0
2004-08-18 CVE-2004-0630 Remote Arbitrary Code Execution vulnerability in Adobe Acrobat Reader Shell Metacharacter
The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode command.
network
low complexity
adobe
critical
10.0
2004-07-27 CVE-2004-0632 Unspecified vulnerability in Adobe Acrobat and Acrobat Reader
Adobe Reader 6.0 does not properly handle null characters when splitting a filename path into components, which allows remote attackers to execute arbitrary code via a file with a long extension that is not normally handled by Reader, triggering a buffer overflow.
network
low complexity
adobe
7.5
2004-03-29 CVE-2004-0194 Buffer Overflow vulnerability in Adobe Acrobat Reader 5.1
Stack-based buffer overflow in the OutputDebugString function for Adobe Acrobat Reader 5.1 allows remote attackers to execute arbitrary code via a PDF document with XML Forms Data Format (XFDF) data.
network
low complexity
adobe
7.5
2003-08-18 CVE-2003-0142 Remote Security vulnerability in Adobe Acrobat Reader 6.0
Adobe Acrobat Reader (acroread) 6, under certain circumstances when running with the "Certified plug-ins only" option disabled, loads plug-ins with signatures used for older versions of Acrobat, which can allow attackers to cause Acrobat to enter Certified mode and run untrusted plugins by modifying the CTIsCertifiedMode function.
network
low complexity
adobe
5.0