Vulnerabilities > Adobe > Medium

DATE CVE VULNERABILITY TITLE RISK
2009-10-19 CVE-2009-2995 Numeric Errors vulnerability in Adobe Acrobat
Integer overflow in Adobe Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows attackers to cause a denial of service via unspecified vectors.
network
adobe CWE-189
4.3
2009-10-19 CVE-2009-2992 Improper Input Validation vulnerability in Adobe Acrobat and Acrobat Reader
An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 does not properly validate input, which allows attackers to cause a denial of service via unknown vectors.
network
adobe CWE-20
4.3
2009-10-19 CVE-2009-2988 Improper Input Validation vulnerability in Adobe Acrobat and Acrobat Reader
Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which allows attackers to cause a denial of service via unspecified vectors.
network
adobe CWE-20
4.3
2009-10-19 CVE-2009-2987 Remote vulnerability in RETIRED: Adobe Reader and Acrobat October 2009
Unspecified vulnerability in an ActiveX control in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Windows allows remote attackers to cause a denial of service via unknown vectors.
network
adobe
4.3
2009-10-19 CVE-2009-2979 Remote vulnerability in RETIRED: Adobe Reader and Acrobat October 2009
Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 do not properly perform XMP-XML entity expansion, which allows remote attackers to cause a denial of service via a crafted document.
network
adobe
4.3
2009-09-25 CVE-2009-3431 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Adobe Acrobat and Acrobat Reader
Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1.2, 9.1.1, and earlier 9.x versions; 8.1.6 and earlier 8.x versions; and possibly 7.1.4 and earlier 7.x versions allows remote attackers to cause a denial of service (application crash) via a PDF file with a large number of [ (open square bracket) characters in the argument to the alert method.
network
low complexity
adobe CWE-119
5.0
2009-08-18 CVE-2009-1878 Improper Authentication vulnerability in Adobe Coldfusion
Session fixation vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to hijack web sessions via unspecified vectors.
network
adobe CWE-287
5.8
2009-08-18 CVE-2009-1877 Cross-Site Scripting vulnerability in Adobe Coldfusion
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion 8.0.1 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1875.
network
adobe CWE-79
4.3
2009-08-18 CVE-2009-1876 Unspecified vulnerability in Adobe Coldfusion
Adobe ColdFusion 8.0.1 and earlier might allow attackers to obtain sensitive information via unspecified vectors, related to a "double-encoded null character vulnerability."
network
low complexity
adobe
5.0
2009-08-18 CVE-2009-1875 Cross-Site Scripting vulnerability in Adobe Coldfusion
Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion 8.0.1 and earlier allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2009-1877.
network
adobe CWE-79
4.3