Vulnerabilities > Adobe > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2010-04-14 | CVE-2010-0192 | Denial of Service vulnerability in Adobe Acrobat and Reader Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2010-0193 and CVE-2010-0196. | 9.3 |
| 2010-04-14 | CVE-2010-0191 | Code Injection vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attackers to execute arbitrary code via unspecified vectors, related to a "prefix protocol handler vulnerability." | 9.3 |
| 2010-04-05 | CVE-2010-1241 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat Reader Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, aka FG-VD-10-005. | 9.3 |
| 2010-04-05 | CVE-2010-1240 | Permissions, Privileges, and Access Controls vulnerability in Adobe Acrobat Reader 9.3.1 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not restrict the contents of one text field in the Launch File warning dialog, which makes it easier for remote attackers to trick users into executing an arbitrary local program that was specified in a PDF document, as demonstrated by a text field that claims that the Open button will enable the user to read an encrypted message. | 9.3 |
| 2010-04-05 | CVE-2009-4764 | Code Injection vulnerability in Adobe Acrobat Reader Adobe Reader 8.x and 9.x on Windows is able to execute EXE files that are embedded in a PDF document, which makes it easier for remote attackers to trick users into executing arbitrary code via a crafted document. | 9.3 |
| 2010-02-23 | CVE-2010-0189 | Improper Input Validation vulnerability in multiple products A certain ActiveX control in NOS Microsystems getPlus Download Manager (aka DLM or Downloader) 1.5.2.35, as used in Adobe Download Manager, improperly validates requests involving web sites that are not in subdomains, which allows remote attackers to force the download and installation of arbitrary programs via a crafted name for a download site. | 9.3 |
| 2010-01-21 | CVE-2010-0379 | Remote Security vulnerability in Windows XP Professional x64 Edition Multiple unspecified vulnerabilities in the Macromedia Flash ActiveX control in Adobe Flash Player 6, as distributed in Microsoft Windows XP SP2 and SP3, might allow remote attackers to execute arbitrary code via unspecified vectors that are not related to the use-after-free "Movie Unloading Vulnerability" (CVE-2010-0378). | 9.3 |
| 2010-01-21 | CVE-2009-4003 | Numeric Errors vulnerability in Adobe Shockwave Player Multiple integer overflows in Adobe Shockwave Player before 11.5.6.606 allow remote attackers to execute arbitrary code via (1) an unspecified block type in a Shockwave file, leading to a heap-based buffer overflow; and might allow remote attackers to execute arbitrary code via (2) an unspecified 3D block in a Shockwave file, leading to memory corruption; or (3) a crafted 3D model in a Shockwave file, leading to heap memory corruption. | 9.3 |
| 2010-01-21 | CVE-2009-4002 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Shockwave Player Heap-based buffer overflow in Adobe Shockwave Player before 11.5.6.606 allows remote attackers to execute arbitrary code via a crafted 3D model in a Shockwave file. | 9.3 |
| 2010-01-13 | CVE-2009-3959 | Numeric Errors vulnerability in Adobe Acrobat and Acrobat Reader Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document. | 10.0 |