Next Page >>
Adobe Acrobat Reader
Hash: SHA1
Core Security Technologies - CoreLabs Advisory
http://corelabs.coresecurity.com/
Adobe Acrobat Reader Acrord32.dll Use After Free Vulnerability
1. *Advisory Information*
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Adobe Acrobat Reader: Multiple vulnerabilities
Date: March 02, 2008
Updated: March 02, 2008
Bugs: #170177
ID: 200803-01:04
1) This is interesting bug in draw image function
2) This vulnerability exists NOT only in xpdf application
3) Adobe Acrobat Reader is vulnerable to this attack too (but ONLY Linux
version !!!)
4) Adobe Acrobat Reader didn’t know about this bug but in his last
release fix this vulnerability.
VUPEN Vulnerability Research - Adobe Acrobat and Reader U3D Filter Code
Execution Vulnerabilities
I. BACKGROUND ---------------------
Adobe Acrobat is a family of computer programs developed by Adobe
Systems, designed to view, create, manipulate and manage files in
Adobe's Portable Document Format (PDF).
VUPEN Security Research - Adobe Acrobat and Reader JPEG Data Buffer Overflow
Vulnerability
http://www.vupen.com/english/research.php
I. BACKGROUND
---------------------
"Adobe Acrobat and Reader are the global standards for electronic
VUPEN Security Research - Adobe Acrobat and Reader PNG Data Buffer Overflow
Vulnerability
http://www.vupen.com/english/research.php
I. BACKGROUND
---------------------
"Adobe Acrobat and Reader are the global standards for electronic
VUPEN Security Research - Adobe Acrobat and Reader BMP Data Buffer Overflow
Vulnerability
http://www.vupen.com/english/research.php
I. BACKGROUND
---------------------
"Adobe Acrobat and Reader are the global standards for electronic
VUPEN Security Research - Adobe Acrobat and Reader GIF Data Buffer Overflow
Vulnerability
http://www.vupen.com/english/research.php
I. BACKGROUND
---------------------
"Adobe Acrobat and Reader are the global standards for electronic
VUPEN Security Research - Adobe Acrobat and Reader "newclass" Memory
Corruption Vulnerability (CVE-2010-1285)
http://www.vupen.com/english/research.php
I. BACKGROUND
---------------------
"Adobe Acrobat and Reader are the global standards for electronic
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Severity: Normal
Title: Adobe Acrobat Reader: Insecure temporary file creation
Date: March 18, 2008
Bugs: #212367
ID: 200803-26
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
I. BACKGROUND
---------------------
Adobe Acrobat is a family of computer programs developed by Adobe
Systems, designed to view, create, manipulate and manage files in
Adobe's Portable Document Format (PDF).
II. DESCRIPTION
VUPEN Security Research - Adobe Acrobat and Reader #1023 Tag Buffer Overflow
Vulnerability (CVE-2010-2212)
http://www.vupen.com/english/research.php
I. BACKGROUND
---------------------
"Adobe Acrobat and Reader are the global standards for electronic
VUPEN Security Research - Adobe Acrobat and Reader "newfunction" Memory
Corruption Vulnerability (CVE-2010-2168)
http://www.vupen.com/english/research.php
I. BACKGROUND
---------------------
"Adobe Acrobat and Reader are the global standards for electronic
VUPEN Security Research - Adobe Acrobat and Reader "pushstring" Memory
Corruption Vulnerability (CVE-2010-2201)
http://www.vupen.com/english/research.php
I. BACKGROUND
---------------------
"Adobe Acrobat and Reader are the global standards for electronic
VUPEN Security Research - Adobe Acrobat and Reader U3D Integer Overflow
Vulnerability
http://www.vupen.com/english/research.php
I. BACKGROUND
---------------------
Adobe Acrobat and Reader are the global standards for electronic document
ZDI-11-077: Adobe Acrobat Reader U3D Texture Parser ILBM Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-077
February 8, 2011
-- CVE ID:
CVE-2011-0590
-- CVSS:
ZDI-10-193: Adobe Acrobat Reader Multimedia Playing Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-10-193
October 6, 2010
-- CVE ID:
CVE-2010-3632
-- CVSS:
9, (AV:N/AC:L/Au:N/C:P/I:P/A:C)
-----Original Message-----
From: Juergen Schmidt [mailto:ju@heisec.de]
Sent: Friday, October 05, 2007 8:59 AM
To: bugtraq@securityfocus.com; full-disclosure@lists.grok.org.uk
Subject: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype
Hello,
the URI handling problem on Windows XP systems with IE 7 installed hits a lot of applications, not only Firefox (and mIRC) -- namely Skype, Acrobat Reader, Miranda, Netscape.
ZDI-11-067: Adobe Acrobat Reader U3D Texture rgba RLE Decompression Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-067
February 8, 2011
-- CVE ID:
CVE-2011-0591
-- CVSS:
ZDI-11-075: Adobe Acrobat Reader rt3d.dll Multimedia Playing Arbitrary Memory Overwite Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-075
February 8, 2011
-- CVE ID:
CVE-2011-0606
-- CVSS:
http://www.nruns.com/ security(at)nruns.com
n.runs-SA-2009.007 15-Oct-2009
_______________________________________________________________________
Vendor: Adobe Systems Incorporated, http://www.adobe.com
Affected Products: Adobe Acrobat Reader/Acrobat
Version: 8.1.3 - 8.1.6
Platform: Windows
Vulnerability: Invalid pointer write could lead to arbitrary
code execution
Risk: HIGH
======================================================================
Secunia Research 04/11/2008
- Adobe Acrobat/Reader "util.printf()" Buffer Overflow -
======================================================================
Table of Contents
Affected Software....................................................1
ZDI-11-066: Adobe Acrobat Reader U3D Texture .iff RLE Decompression Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-066
February 8, 2011
-- CVE ID:
CVE-2011-0590
-- CVSS:
ZDI-11-068: Adobe Acrobat Reader U3D Texture bmp RLE Decompression Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-068
February 8, 2011
-- CVE ID:
CVE-2011-0592
-- CVSS:
ZDI-11-069: Adobe Acrobat Reader U3D Texture psd RLE Decompression Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-069
February 8, 2011
-- CVE ID:
CVE-2011-0593
-- CVSS:
ZDI-11-070: Adobe Acrobat Reader U3D Texture .fli RLE Decompression Remote Code Execution Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-11-070
February 8, 2011
-- CVE ID:
CVE-2011-0595
-- CVSS:
ZDI-09-014: Adobe Acrobat getIcon() Stack Overflow Vulnerability
http://www.zerodayinitiative.com/advisories/ZDI-09-014
March 24, 2009
-- CVE ID:
CVE-2009-0927
-- Affected Vendors:
Adobe
http://labs.idefense.com/intelligence/vulnerabilities/
Jun 09, 2009
I. BACKGROUND
Adobe Acrobat Reader/Acrobat are programs for viewing and editing
Portable Document Format (PDF) documents. For more information, see the
vendor's site found at the following link.
http://www.adobe.com/products/reader/
http://www.adobe.com/products/acrobatpro/
http://labs.idefense.com/intelligence/vulnerabilities/
Mar 24, 2009
I. BACKGROUND
Adobe Acrobat Reader/Acrobat are programs for viewing and editing
Portable Document Format (PDF) documents. For more information, see the
vendor's site found at the following link.
http://www.adobe.com/products/reader/
http://www.adobe.com/products/acrobatpro/
SUMMARY
Critical vulnerabilities exist in a large number of widely used web
authoring tools that automatically generate Shockwave Flash (SWF)
files, such as Adobe (r) Dreamweaver (r), Adobe Acrobat (r) Connect
(tm) (formerly Macromedia Breeze), InfoSoft FusionCharts, and
Techsmith Camtasia. The flaws render websites that host these
generated SWF files vulnerable to Cross-Site Scripting (XSS).
This problem is not limited to authoring tools. Autodemo, a popular
Next Page>>
|
