Vulnerabilities > Adobe > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-08-16 | CVE-2005-2470 | Remote Buffer Overflow vulnerability in Adobe Acrobat and Adobe Reader Buffer overflow in a "core application plug-in" for Adobe Reader 5.1 through 7.0.2 and Acrobat 5.0 through 7.0.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. | 7.5 |
2005-06-15 | CVE-2005-1306 | XXE vulnerability in Adobe Acrobat and Acrobat Reader The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulnerability." | 7.5 |
2005-06-13 | CVE-2005-0151 | Unspecified vulnerability in Adobe Creative Suite, Photoshop and Premiere Unknown vulnerability in the installation of Adobe License Management Service, as used in Adobe Photoshop CS, Adobe Creative Suite 1.0, and Adobe Premiere Pro 1.5, allows attackers to gain administrator privileges. | 7.5 |
2005-05-17 | CVE-2005-1307 | Local Privilege Escalation vulnerability in Adobe Version Cue The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory. | 7.2 |
2004-09-28 | CVE-2004-0629 | Buffer Overflow vulnerability in Adobe Acrobat/Acrobat Reader ActiveX Control URI Request Heap Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and possibly other versions, allows remote attackers to execute arbitrary code via a URI for a PDF file with a null terminator (%00) followed by a long string. | 7.5 |
2004-07-27 | CVE-2004-0632 | Unspecified vulnerability in Adobe Acrobat and Acrobat Reader Adobe Reader 6.0 does not properly handle null characters when splitting a filename path into components, which allows remote attackers to execute arbitrary code via a file with a long extension that is not normally handled by Reader, triggering a buffer overflow. | 7.5 |
2004-03-29 | CVE-2004-0194 | Buffer Overflow vulnerability in Adobe Acrobat Reader 5.1 Stack-based buffer overflow in the OutputDebugString function for Adobe Acrobat Reader 5.1 allows remote attackers to execute arbitrary code via a PDF document with XML Forms Data Format (XFDF) data. | 7.5 |
2003-08-07 | CVE-2003-0508 | Remote Security vulnerability in Reader Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earlier allows remote attackers to execute arbitrary code via a .pdf file with a long mailto link. | 7.5 |
2003-07-24 | CVE-2003-0434 | Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. | 7.5 |
2003-06-16 | CVE-2003-0284 | Remote Security vulnerability in Adobe Acrobat 5.0 Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus. | 7.5 |