Vulnerabilities > Adobe > Critical

DATE CVE VULNERABILITY TITLE RISK
2014-01-15 CVE-2014-0492 Permissions, Privileges, and Access Controls vulnerability in Adobe Air, Adobe AIR SDK and Flash Player
Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow attackers to defeat the ASLR protection mechanism by leveraging an "address leak."
network
low complexity
adobe apple microsoft linux CWE-264
critical
 10.0
10
2014-01-15 CVE-2014-0491 Permissions, Privileges, and Access Controls vulnerability in Adobe Air, Adobe AIR SDK and Flash Player
Adobe Flash Player before 11.7.700.260 and 11.8.x and 11.9.x before 12.0.0.38 on Windows and Mac OS X and before 11.2.202.335 on Linux, Adobe AIR before 4.0.0.1390, Adobe AIR SDK before 4.0.0.1390, and Adobe AIR SDK & Compiler before 4.0.0.1390 allow attackers to bypass unspecified protection mechanisms via unknown vectors.
network
low complexity
adobe apple microsoft linux CWE-264
critical
 10.0
10
2013-12-11 CVE-2013-5334 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player
Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5333.
network
low complexity
adobe CWE-119
critical
 10.0
10
2013-12-11 CVE-2013-5333 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player
Adobe Shockwave Player before 12.0.7.148 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5334.
network
low complexity
adobe CWE-119
critical
 10.0
10
2013-12-11 CVE-2013-5332 Code Injection vulnerability in Adobe Air, AIR SDK and Flash Player
Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
network
adobe apple microsoft linux CWE-94
critical
 9.3
9.3
2013-12-11 CVE-2013-5331 Code Injection vulnerability in Adobe Air, AIR SDK and Flash Player
Adobe Flash Player before 11.7.700.257 and 11.8.x and 11.9.x before 11.9.900.170 on Windows and Mac OS X and before 11.2.202.332 on Linux, Adobe AIR before 3.9.0.1380, Adobe AIR SDK before 3.9.0.1380, and Adobe AIR SDK & Compiler before 3.9.0.1380 allow remote attackers to execute arbitrary code via crafted .swf content that leverages an unspecified "type confusion," as exploited in the wild in December 2013.
network
adobe apple microsoft linux CWE-94
critical
 9.3
9.3
2013-11-13 CVE-2013-5330 Buffer Errors vulnerability in Adobe Air, AIR SDK and Flash Player
Adobe Flash Player before 11.7.700.252 and 11.8.x and 11.9.x before 11.9.900.152 on Windows and Mac OS X and before 11.2.202.327 on Linux, Adobe AIR before 3.9.0.1210, Adobe AIR SDK before 3.9.0.1210, and Adobe AIR SDK & Compiler before 3.9.0.1210 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5329.
network
low complexity
adobe apple microsoft linux CWE-119
critical
 10.0
10
2013-11-13 CVE-2013-5329 Buffer Errors vulnerability in Adobe Air, AIR SDK and Flash Player
Adobe Flash Player before 11.7.700.252 and 11.8.x and 11.9.x before 11.9.900.152 on Windows and Mac OS X and before 11.2.202.327 on Linux, Adobe AIR before 3.9.0.1210, Adobe AIR SDK before 3.9.0.1210, and Adobe AIR SDK & Compiler before 3.9.0.1210 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-5330.
network
low complexity
adobe apple microsoft linux CWE-119
critical
 10.0
10
2013-10-09 CVE-2013-5327 Buffer Errors vulnerability in Adobe Robohelp 10.0
MDBMS.dll in Adobe RoboHelp 10 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.
network
low complexity
adobe CWE-119
critical
 10.0
10
2013-10-09 CVE-2013-5325 Code Injection vulnerability in Adobe Acrobat and Acrobat Reader
Adobe Reader and Acrobat 11.x before 11.0.05 on Windows allow remote attackers to execute arbitrary JavaScript code in a javascript: URL via a crafted PDF document.
network
adobe microsoft CWE-94
critical
 9.3
9.3