Vulnerabilities > Adobe
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-12-03 | CVE-2006-6236 | Remote Code Execution vulnerability in Adobe Reader and Acrobat AcroPDF.dll ActiveX Control Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the (1) src, (2) setPageMode, (3) setLayoutMode, and (4) setNamedDest methods in an AcroPDF ActiveX control, a different set of vectors than CVE-2006-6027. | 9.3 |
| 2006-11-21 | CVE-2006-6027 | Multiple vulnerability in Adobe Acrobat Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the LoadFile method in an AcroPDF ActiveX control. | 9.3 |
| 2006-10-17 | CVE-2006-5330 | Cross-Site Scripting vulnerability in Adobe Flash Player CRLF injection vulnerability in Adobe Flash Player plugin 9.0.16 and earlier for Windows, 7.0.63 and earlier for Linux, 7.x before 7.0 r67 for Solaris, and before 9.0.28.0 for Mac OS X, allows remote attackers to modify HTTP headers of client requests and conduct HTTP Request Splitting attacks via CRLF sequences in arguments to the ActionScript functions (1) XML.addRequestHeader and (2) XML.contentType. | 5.0 |
| 2006-10-10 | CVE-2006-5200 | Directory Traversal vulnerability in Adobe Breeze Unspecified vulnerability in Adobe Breeze 5 Licensed Server and Breeze 5.1 Licensed Server allows attackers to read arbitrary files via unknown vectors related to "URL parsing." | 5.0 |
| 2006-10-10 | CVE-2006-5199 | Local Information Disclosure vulnerability in Adobe Contribute Publishing Server Adobe Contribute Publishing Server leaks the administrator password in logs that are created during product installation, which allows local users to gain privileges to the server. | 2.1 |
| 2006-10-10 | CVE-2006-3978 | Local Privilege Escalation vulnerability in Adobe Coldfusion 7.0/7.0.1/7.0.2 Unspecified vulnerability in a Verity third party library, as used on Adobe ColdFusion MX 7 through MX 7.0.2 and possibly other products, allows local users to execute arbitrary code via unknown attack vectors. | 4.6 |
| 2006-09-14 | CVE-2006-4726 | Cross-Site Scripting vulnerability in Adobe ColdFusion Error Page Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 6.1 through 7.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a ColdFusion error page. | 2.6 |
| 2006-09-14 | CVE-2006-4725 | Unspecified vulnerability in Adobe Coldfusion 7.0/7.0.1 Adobe ColdFusion MX 7 and 7.01 allows local users to bypass security restrictions and call components (CFC) within a sandbox from CFML templates that are located outside of the sandbox. | 4.6 |
| 2006-09-14 | CVE-2006-4724 | Denial of Service vulnerability in Adobe ColdFusion Flash Remoting Gateway Unspecified vulnerability in the ColdFusion Flash Remoting Gateway in Adobe ColdFusion MX 7 and 7.01 allows remote attackers to cause a denial of service (infinite loop) via unspecified vectors involving a crafted command. | 5.0 |
| 2006-09-12 | CVE-2006-4640 | Permissions, Privileges, and Access Controls vulnerability in Adobe Flash Player Unspecified vulnerability in Adobe Flash Player before 9.0.16.0 allows user-assisted remote attackers to bypass the allowScriptAccess protection via unspecified vectors. | 6.8 |