Filtered by vendor Adobe
Subscribe
Total
5345 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-0492 | 1 Adobe | 1 Acrobat Reader | 2023-12-10 | 2.6 LOW | N/A |
Adobe Acrobat Reader 6.0.3 and 7.0.0 allows remote attackers to cause a denial of service (application crash) via a PDF file that contains a negative Count value in the root page node. | |||||
CVE-2006-3587 | 1 Adobe | 1 Flash Player | 2023-12-10 | 5.1 MEDIUM | N/A |
Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to execute arbitrary commands via a malformed .swf file that results in "multiple improper memory access" errors. | |||||
CVE-2006-1788 | 1 Adobe | 1 Document Server | 2023-12-10 | 2.6 LOW | N/A |
Adobe Document Server for Reader Extensions 6.0, during log on, provides different error messages depending on whether the user ID is valid or invalid, which allows remote attackers to more easily identify valid user IDs via brute force attacks. | |||||
CVE-2005-2470 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in a "core application plug-in" for Adobe Reader 5.1 through 7.0.2 and Acrobat 5.0 through 7.0.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. | |||||
CVE-2006-0525 | 1 Adobe | 9 Acrobat, Acrobat Reader, Creative Suite and 6 more | 2023-12-10 | 4.6 MEDIUM | N/A |
Multiple Adobe products, including (1) Photoshop CS2, (2) Illustrator CS2, and (3) Adobe Help Center, install a large number of .EXE and .DLL files with write-access permission for the Everyone group, which allows local users to gain privileges via Trojan horse programs. | |||||
CVE-2006-1627 | 1 Adobe | 1 Acrobat Reader | 2023-12-10 | 7.5 HIGH | N/A |
Adobe Document Server for Reader Extensions 6.0 does not provide proper access control, which allows remote authenticated users to perform privileged actions by modifying the (1) actionID and (2) pageID parameters. NOTE: due to an error during reservation, this identifier was inadvertently associated with multiple issues. Other CVE identifiers have been assigned to handle other problems that are covered by the same disclosure. | |||||
CVE-2004-1153 | 1 Adobe | 1 Acrobat Reader | 2023-12-10 | 10.0 HIGH | N/A |
Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an .ETD document containing format string specifiers in (1) title or (2) baseurl fields. | |||||
CVE-2005-4708 | 1 Adobe | 9 Captivate, Contribute, Director and 6 more | 2023-12-10 | 7.2 HIGH | N/A |
Adobe Macromedia MX 2004 products, Captivate, Contribute 2, Contribute 3, and eLicensing client install the Macromedia Licensing Service with the Users group permitted to configure the service, including the path to executable, which allows local users to execute arbitrary code as Local System. | |||||
CVE-2006-2042 | 1 Adobe | 1 Dreamweaver | 2023-12-10 | 7.5 HIGH | N/A |
Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models. | |||||
CVE-2005-1307 | 2 Adobe, Apple | 2 Version Cue, Mac Os X | 2023-12-10 | 7.2 HIGH | N/A |
The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory. | |||||
CVE-2006-3588 | 1 Adobe | 1 Flash Player | 2023-12-10 | 2.6 LOW | N/A |
Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to cause a denial of service (browser crash) via a malformed, compressed .swf file, a different issue than CVE-2006-3587. | |||||
CVE-2006-3311 | 1 Adobe | 2 Flash Player, Flex Sdk | 2023-12-10 | 5.1 MEDIUM | N/A |
Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie. | |||||
CVE-2006-1785 | 1 Adobe | 1 Document Server | 2023-12-10 | 2.1 LOW | N/A |
Adobe Document Server for Reader Extensions 6.0 allows remote authenticated users to inject arbitrary web script via a leading (1) ftp or (2) http URI in the ReaderURL variable in the "Update Download Site" section of ads-readerext. NOTE: it is not clear whether the vendor advisory addresses this issue. In addition, since the issue requires administrative privileges to exploit, it is not clear whether this crosses security boundaries. | |||||
CVE-2006-3459 | 2 Adobe, Libtiff | 2 Acrobat Reader, Libtiff | 2023-12-10 | 7.5 HIGH | N/A |
Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c. | |||||
CVE-2006-3453 | 1 Adobe | 1 Acrobat | 2023-12-10 | 5.1 MEDIUM | N/A |
Buffer overflow in Adobe Acrobat 6.0 to 6.0.4 allows remote attackers to execute arbitrary code via unknown vectors in a document that triggers the overflow when it is distilled to PDF. | |||||
CVE-2006-3093 | 1 Adobe | 1 Acrobat Reader | 2023-12-10 | 6.8 MEDIUM | N/A |
Multiple unspecified vulnerabilities in Adobe Acrobat Reader (acroread) before 7.0.8 have unknown impact and unknown vectors. | |||||
CVE-2006-1786 | 1 Adobe | 1 Document Server | 2023-12-10 | 2.6 LOW | N/A |
Cross-site scripting (XSS) vulnerability in Adobe Document Server for Reader Extensions 6.0 allows remote attackers to inject arbitrary web script or HTML via (1) the actionID parameter in ads-readerext and (2) the op parameter in AlterCast. NOTE: it is not clear whether the vendor advisory addresses this issue. | |||||
CVE-2006-4640 | 1 Adobe | 1 Flash Player | 2023-12-10 | 6.8 MEDIUM | N/A |
Unspecified vulnerability in Adobe Flash Player before 9.0.16.0 allows user-assisted remote attackers to bypass the allowScriptAccess protection via unspecified vectors. | |||||
CVE-2006-1182 | 1 Adobe | 2 Document Server, Graphics Server | 2023-12-10 | 2.6 LOW | N/A |
Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe Document Server (ADS) 5.0 and 6.0 allows local users to read files with certain extensions or overwrite arbitrary files and execute code via a crafted SOAP request to the AlterCast web service in which the request uses the (1) saveContent or (2) saveOptimized ADS commands, or the (3) loadContent command. | |||||
CVE-2005-1842 | 1 Adobe | 1 Version Cue | 2023-12-10 | 2.1 LOW | N/A |
VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, creates temporary log files with predictable names, which allows local users to modify arbitrary files via a symlink attack. |