Vulnerabilities > Adobe
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2009-07-31 | CVE-2009-1863 | Permissions, Privileges, and Access Controls vulnerability in Adobe Air, Flash Player and Flex Unspecified vulnerability in Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors, related to a "privilege escalation vulnerability." | 9.3 |
2009-07-23 | CVE-2009-1862 | Out-of-bounds Write vulnerability in Adobe Acrobat, Acrobat Reader and Flash Player Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009. | 7.8 |
2009-07-21 | CVE-2009-2564 | Permissions, Privileges, and Access Controls vulnerability in multiple products NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.exe with a Trojan horse program, as demonstrated by use of getPlus Download Manager within Adobe Reader. | 7.2 |
2009-06-25 | CVE-2009-2186 | Unspecified vulnerability in Adobe Shockwave Player Unspecified vulnerability in Adobe Shockwave Player before 11.0.0.465 allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than CVE-2009-1860, related to an older issue that "was previously resolved in Shockwave Player 11.0.0.465." | 9.3 |
2009-06-25 | CVE-2009-1860 | Remote Code Execution vulnerability in Adobe Shockwave Player Director File Parsing Unspecified vulnerability in Adobe Shockwave Player before 11.5.0.600 allows remote attackers to execute arbitrary code via crafted Shockwave Player 10 content. | 9.3 |
2009-06-11 | CVE-2009-2028 | Unspecified vulnerability in Adobe Acrobat and Acrobat Reader Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 have unknown impact and attack vectors, related to "Adobe internally discovered issues." | 10.0 |
2009-06-11 | CVE-2009-1861 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Multiple heap-based buffer overflows in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file with a JPX (aka JPEG2000) stream that triggers heap memory corruption. | 9.3 |
2009-06-11 | CVE-2009-1859 | Resource Management Errors vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption. | 9.3 |
2009-06-11 | CVE-2009-1858 | Resource Management Errors vulnerability in Adobe Acrobat and Acrobat Reader The JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors that trigger memory corruption. | 9.3 |
2009-06-11 | CVE-2009-1857 | Resource Management Errors vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a PDF document with a crafted TrueType font. | 9.3 |