Vulnerabilities > Adobe
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-02-11 | CVE-2008-0667 | Resource Management Errors vulnerability in Adobe Acrobat Reader The DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2, allows remote attackers to configure silent non-interactive printing, and trigger the printing of an arbitrary number of copies of a document. | 4.3 |
2008-02-07 | CVE-2008-0655 | Unspecified vulnerability in Adobe Acrobat Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors. | 9.8 |
2008-01-04 | CVE-2007-6637 | Cross-Site Scripting vulnerability in Adobe Flash Player Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player allow remote attackers to inject arbitrary web script or HTML via a crafted SWF file, related to "pre-generated SWF files" and Adobe Dreamweaver CS3 or Adobe Acrobat Connect. | 4.3 |
2007-12-20 | CVE-2007-6246 | Permissions, Privileges, and Access Controls vulnerability in Adobe Flash Player Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0, when running on Linux, uses insecure permissions for memory, which might allow local users to gain privileges. | 4.4 |
2007-12-20 | CVE-2007-6245 | Buffer Errors vulnerability in Adobe Flash Player 7.0/8.0/9.0 Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks. | 5.8 |
2007-12-20 | CVE-2007-6244 | Cross-Site Scripting vulnerability in Adobe Flash Player 8.0/9.0 Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via (1) a SWF file that uses the asfunction: protocol or (2) the navigateToURL function when used with the Flash Player ActiveX Control in Internet Explorer. | 4.3 |
2007-12-20 | CVE-2007-6243 | Permissions, Privileges, and Access Controls vulnerability in Adobe Flash Player Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks. | 9.3 |
2007-12-20 | CVE-2007-6242 | Improper Input Validation vulnerability in Adobe Flash Player Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to "input validation errors." | 6.8 |
2007-11-15 | CVE-2007-5905 | Credentials Management vulnerability in Adobe Coldfusion 7.0/8.0 Adobe ColdFusion 8 and MX 7 allows remote attackers to hijack sessions via unspecified vectors that trigger establishment of a session to a ColdFusion application in which the (1) CFID or (2) CFTOKEN cookies have empty values, possibly due to a session fixation vulnerability. | 6.8 |
2007-11-14 | CVE-2007-5941 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adobe Shockwave allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument to the ShockwaveVersion method. | 10.0 |