Vulnerabilities > Adobe > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-08-26 | CVE-2010-2864 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allows remote attackers to cause a denial of service (memory corruption) or execute arbitrary code via a malformed file containing an invalid value, as demonstrated by a value at position 0x24C6 of a certain file. | 9.3 |
2010-08-26 | CVE-2010-2863 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Adobe Shockwave Player before 11.5.8.612 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors. | 10.0 |
2010-08-26 | CVE-2010-3132 | Unspecified vulnerability in Adobe Dreamweaver 11.0 Untrusted search path vulnerability in Adobe Dreamweaver CS5 11.0 build 4916, build 4909, and probably other versions, allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse (1) mfc90loc.dll or (2) dwmapi.dll that is located in the same folder as a CSS, PHP, ASP, or other file that automatically launches Dreamweaver. | 9.3 |
2010-08-26 | CVE-2010-3127 | Unspecified vulnerability in Adobe Photoshop Untrusted search path vulnerability in Adobe PhotoShop CS2 through CS5 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll or Wintab32.dll that is located in the same folder as a PSD or other file that is processed by PhotoShop. | 9.3 |
2010-08-11 | CVE-2010-2861 | Path Traversal vulnerability in Adobe Coldfusion Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) datasources/index.cfm, (4) j2eepackaging/editarchive.cfm, and (5) enter.cfm in CFIDE/administrator/. | 9.8 |
2010-08-11 | CVE-2010-2217 | Code Injection vulnerability in Adobe Flash Media Server and Flash Media Server 2 Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to execute arbitrary code via unspecified vectors, related to a "JS method vulnerability." | 10.0 |
2010-08-11 | CVE-2010-2216 | Code Injection vulnerability in Adobe Air, Flash Player and Flash Player for Linux Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2214. | 9.3 |
2010-08-11 | CVE-2010-2214 | Code Injection vulnerability in Adobe Air, Flash Player and Flash Player for Linux Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2213, and CVE-2010-2216. | 9.3 |
2010-08-11 | CVE-2010-2213 | Code Injection vulnerability in Adobe Air, Flash Player and Flash Player for Linux Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2214, and CVE-2010-2216. | 9.3 |
2010-08-11 | CVE-2010-0209 | Code Injection vulnerability in Adobe Air, Flash Player and Flash Player for Linux Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2213, CVE-2010-2214, and CVE-2010-2216. | 9.3 |