Vulnerabilities > Adobe > High

DATE CVE VULNERABILITY TITLE RISK
2010-05-13 CVE-2010-0986 Out-of-bounds Write vulnerability in Adobe Shockwave Player
Adobe Shockwave Player before 11.5.7.609 does not properly process asset entries, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted Shockwave file.
network
low complexity
adobe CWE-787
8.8
2010-05-13 CVE-2010-0130 Integer Overflow or Wraparound vulnerability in Adobe Shockwave Player
Integer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers to execute arbitrary code via a crafted .dir (aka Director) file.
network
low complexity
adobe CWE-190
8.8
2010-05-13 CVE-2010-0129 Integer Overflow or Wraparound vulnerability in Adobe Shockwave Player
Multiple integer overflows in Adobe Shockwave Player before 11.5.7.609 allow remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted .dir (aka Director) file that triggers an array index error.
network
low complexity
adobe CWE-190
8.8
2010-05-13 CVE-2010-0127 Out-of-bounds Write vulnerability in Adobe Shockwave Player
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted FFFFFF45h Shockwave 3D blocks in a Shockwave file.
network
low complexity
adobe CWE-787
8.8
2010-02-22 CVE-2010-0188 Unspecified vulnerability in Adobe Acrobat and Acrobat Reader
Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors.
local
low complexity
adobe
7.8
2010-01-21 CVE-2010-0378 Use After Free vulnerability in Adobe Flash Player 6.0.79
Use-after-free vulnerability in Adobe Flash Player 6.0.79, as distributed in Microsoft Windows XP SP2 and SP3, allows remote attackers to execute arbitrary code by unloading a Flash object that is currently being accessed by a script, leading to memory corruption, aka a "Movie Unloading Vulnerability."
network
low complexity
adobe CWE-416
8.8
2010-01-13 CVE-2009-3953 Out-of-bounds Write vulnerability in multiple products
The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different vulnerability than CVE-2009-2994.
network
low complexity
adobe opensuse suse CWE-787
8.8
2009-12-15 CVE-2009-4324 Use After Free vulnerability in multiple products
Use-after-free vulnerability in the Doc.media.newPlayer method in Multimedia.api in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted PDF file using ZLib compressed streams, as exploited in the wild in December 2009.
local
low complexity
adobe opensuse suse CWE-416
7.8
2009-09-30 CVE-2009-3489 Incorrect Permission Assignment for Critical Resource vulnerability in Adobe Photoshop Elements 8.0
Adobe Photoshop Elements 8.0 installs the Adobe Active File Monitor V8 service with an insecure security descriptor, which allows local users to (1) stop the service via the stop command, (2) execute arbitrary commands as SYSTEM by using the config command to modify the binPath variable, or (3) restart the service via the start command.
local
low complexity
adobe CWE-732
7.8
2009-07-23 CVE-2009-1862 Out-of-bounds Write vulnerability in Adobe Acrobat, Acrobat Reader and Flash Player
Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exploited in the wild in July 2009.
local
low complexity
adobe CWE-787
7.8