Vulnerabilities > Adobe > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2013-01-10 | CVE-2013-0603 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Heap-based buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-0604. | 10.0 |
| 2013-01-10 | CVE-2013-0602 | Resource Management Errors vulnerability in Adobe Acrobat and Acrobat Reader Use-after-free vulnerability in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code via unspecified vectors. | 10.0 |
| 2013-01-10 | CVE-2013-0601 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-1530, CVE-2013-0605, CVE-2013-0616, CVE-2013-0619, CVE-2013-0620, and CVE-2013-0623. | 10.0 |
| 2013-01-10 | CVE-2012-1530 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Heap-based buffer overflow in the XSLT engine in Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PDF file containing an XSL file that triggers memory corruption when the lang function processes XML data with a crafted node-set. | 10.0 |
| 2013-01-09 | CVE-2013-0625 | Improper Authentication vulnerability in Adobe Coldfusion 9.0/9.0.1/9.0.2 Adobe ColdFusion 9.0, 9.0.1, and 9.0.2, when a password is not configured, allows remote attackers to bypass authentication and possibly execute arbitrary code via unspecified vectors, as exploited in the wild in January 2013. | 9.8 |
| 2012-12-20 | CVE-2012-6271 | Remote Code Execution vulnerability in Adobe Shockwave Player Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of arbitrary signed Xtras via a Shockwave movie that contains an Xtra URL, as demonstrated by a URL for an outdated Xtra. | 9.3 |
| 2012-12-20 | CVE-2012-6270 | Unspecified vulnerability in Adobe Shockwave Player Adobe Shockwave Player through 11.6.8.638 allows remote attackers to trigger installation of a Shockwave Player 10.4.0.025 compatibility feature via a crafted HTML document that references Shockwave content with a certain compatibility parameter, related to a "downgrading" attack. | 9.3 |
| 2012-12-13 | CVE-2012-5680 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Camera RAW Buffer overflow in Adobe Photoshop Camera Raw before 7.3 allows attackers to execute arbitrary code via unspecified vectors. | 10.0 |
| 2012-12-12 | CVE-2012-5678 | Buffer Errors vulnerability in Adobe Air, AIR SDK and Flash Player Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X; and Adobe AIR SDK before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. | 10.0 |
| 2012-12-12 | CVE-2012-5677 | Numeric Errors vulnerability in Adobe Air, AIR SDK and Flash Player Integer overflow in Adobe Flash Player before 10.3.183.48 and 11.x before 11.5.502.135 on Windows, before 10.3.183.48 and 11.x before 11.5.502.136 on Mac OS X, before 10.3.183.48 and 11.x before 11.2.202.258 on Linux, before 11.1.111.29 on Android 2.x and 3.x, and before 11.1.115.34 on Android 4.x; Adobe AIR before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X; and Adobe AIR SDK before 3.5.0.880 on Windows and before 3.5.0.890 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors. | 10.0 |