Vulnerabilities > Adobe > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-10-29 | CVE-2010-2582 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player An unspecified function in TextXtra.x32 in Adobe Shockwave Player before 11.5.9.615 does not properly reallocate a buffer when processing a DEMX chunk in a Director file, which allows remote attackers to trigger a heap-based buffer overflow and execute arbitrary code. | 9.3 |
2010-10-29 | CVE-2010-2581 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director file containing a crafted pamm chunk with an invalid (1) size and (2) number of sub-chunks, a different vulnerability than CVE-2010-4084, CVE-2010-4085, CVE-2010-4086, and CVE-2010-4088. | 9.3 |
2010-10-26 | CVE-2010-3653 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Director movie with a crafted rcsL chunk containing a field whose value is used as a pointer offset, as exploited in the wild in October 2010. | 9.3 |
2010-10-19 | CVE-2010-3976 | DLL Loading Arbitrary Code Execution vulnerability in Adobe Flash Player Untrusted search path vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a file that is processed by Flash Player. | 9.3 |
2010-10-19 | CVE-2010-3975 | Unspecified vulnerability in Adobe Flash Player 9.0 Untrusted search path vulnerability in Adobe Flash Player 9 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse schannel.dll that is located in the same folder as a file that is processed by Flash. | 9.3 |
2010-10-06 | CVE-2010-3658 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3632. | 9.3 |
2010-10-06 | CVE-2010-3632 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2890, CVE-2010-3619, CVE-2010-3621, CVE-2010-3622, CVE-2010-3628, and CVE-2010-3658. | 9.3 |
2010-10-06 | CVE-2010-3631 | Improper Input Validation vulnerability in Adobe Acrobat and Acrobat Reader Array index error in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allows attackers to execute arbitrary code via unspecified vectors. | 9.3 |
2010-10-06 | CVE-2010-3630 | Unspecified vulnerability in Adobe Acrobat and Acrobat Reader Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors. | 9.3 |
2010-10-06 | CVE-2010-3629 | Improper Input Validation vulnerability in Adobe Acrobat and Acrobat Reader Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allows attackers to execute arbitrary code via a crafted image, a different vulnerability than CVE-2010-3620. | 9.3 |