Filtered by vendor Adobe
Subscribe
Total
5095 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-4708 | 1 Adobe | 9 Captivate, Contribute, Director and 6 more | 2024-02-04 | 7.2 HIGH | N/A |
Adobe Macromedia MX 2004 products, Captivate, Contribute 2, Contribute 3, and eLicensing client install the Macromedia Licensing Service with the Users group permitted to configure the service, including the path to executable, which allows local users to execute arbitrary code as Local System. | |||||
CVE-2005-0492 | 1 Adobe | 1 Acrobat Reader | 2024-02-04 | 2.6 LOW | N/A |
Adobe Acrobat Reader 6.0.3 and 7.0.0 allows remote attackers to cause a denial of service (application crash) via a PDF file that contains a negative Count value in the root page node. | |||||
CVE-2006-3311 | 1 Adobe | 2 Flash Player, Flex Sdk | 2024-02-04 | 5.1 MEDIUM | N/A |
Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie. | |||||
CVE-2006-2042 | 1 Adobe | 1 Dreamweaver | 2024-02-04 | 7.5 HIGH | N/A |
Adobe Dreamweaver 8 before 8.0.2 and MX 2004 can generate code that allows SQL injection attacks in the (1) ColdFusion, (2) PHP mySQL, (3) ASP, (4) ASP.NET, and (5) JSP server models. | |||||
CVE-2006-3587 | 1 Adobe | 1 Flash Player | 2024-02-04 | 5.1 MEDIUM | N/A |
Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to execute arbitrary commands via a malformed .swf file that results in "multiple improper memory access" errors. | |||||
CVE-2006-1787 | 1 Adobe | 1 Document Server | 2024-02-04 | 2.6 LOW | N/A |
Adobe Document Server for Reader Extensions 6.0 includes a user's session (jsession) ID in the HTTP Referer header, which allows remote attackers to gain access to PDF files that are being processed within that session. | |||||
CVE-2006-1628 | 1 Adobe | 1 Livecycle Form Manager | 2024-02-04 | 4.6 MEDIUM | N/A |
Adobe LiveCycle Workflow 7.01 and LiveCycle Forum Manager 7.01 allows users to authenticate and perform privileged actions when their account is marked "OBSOLETE" but the account is also active, within the authentication system. | |||||
CVE-2005-1841 | 1 Adobe | 1 Acrobat Reader | 2024-02-04 | 2.1 LOW | N/A |
The control for Adobe Reader 5.0.9 and 5.0.10 on Linux, Solaris, HP-UX, and AIX creates temporary files with the permissions as specified in a user's umask, which could allow local users to read PDF documents of that user if the umask allows it. | |||||
CVE-2005-1842 | 1 Adobe | 1 Version Cue | 2024-02-04 | 2.1 LOW | N/A |
VCNative for Adobe Version Cue 1.0 and 1.0.1, as used in Creative Suite 1.0 and 1.3, and when running on Mac OS X with Version Cue Workspace, creates temporary log files with predictable names, which allows local users to modify arbitrary files via a symlink attack. | |||||
CVE-2006-3093 | 1 Adobe | 1 Acrobat Reader | 2024-02-04 | 6.8 MEDIUM | N/A |
Multiple unspecified vulnerabilities in Adobe Acrobat Reader (acroread) before 7.0.8 have unknown impact and unknown vectors. | |||||
CVE-2005-1307 | 2 Adobe, Apple | 2 Version Cue, Mac Os X | 2024-02-04 | 7.2 HIGH | N/A |
The (1) stopserver.sh and (2) startserver.sh scripts in Adobe Version Cue on Mac OS X uses the current working directory to find and execute the productname.sh script, which allows local users to execute arbitrary code by copying and calling the scripts from a user-controlled directory. | |||||
CVE-2003-0284 | 1 Adobe | 1 Acrobat | 2024-02-04 | 7.5 HIGH | N/A |
Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus. | |||||
CVE-2004-0194 | 1 Adobe | 1 Acrobat Reader | 2024-02-04 | 7.5 HIGH | N/A |
Stack-based buffer overflow in the OutputDebugString function for Adobe Acrobat Reader 5.1 allows remote attackers to execute arbitrary code via a PDF document with XML Forms Data Format (XFDF) data. | |||||
CVE-1999-0133 | 1 Adobe | 1 Framemaker | 2024-02-04 | 2.1 LOW | N/A |
fm_fls license server for Adobe Framemaker allows local users to overwrite arbitrary files and gain root access. | |||||
CVE-2003-0142 | 1 Adobe | 1 Acrobat Reader | 2024-02-04 | 5.0 MEDIUM | N/A |
Adobe Acrobat Reader (acroread) 6, under certain circumstances when running with the "Certified plug-ins only" option disabled, loads plug-ins with signatures used for older versions of Acrobat, which can allow attackers to cause Acrobat to enter Certified mode and run untrusted plugins by modifying the CTIsCertifiedMode function. | |||||
CVE-2002-1017 | 1 Adobe | 1 Digital Editions | 2024-02-04 | 2.1 LOW | N/A |
Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup feature, capturing the encryption Challenge, and using the appropriate hash function to generate the activation code. | |||||
CVE-1999-1576 | 1 Adobe | 1 Acrobat Reader | 2024-02-04 | 7.5 HIGH | N/A |
Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, PDF.PdfCtrl.1) 1.3.188 for Acrobat Reader 4.0 allows remote attackers to execute arbitrary code via the pdf.setview method. | |||||
CVE-2002-1764 | 1 Adobe | 1 Acrobat Reader | 2024-02-04 | 2.1 LOW | N/A |
acroread in Adobe Acrobat Reader 4.05 on Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
CVE-2001-1069 | 1 Adobe | 1 Acrobat Reader | 2024-02-04 | 7.2 HIGH | N/A |
libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior. | |||||
CVE-2002-1601 | 1 Adobe | 1 Photodeluxe | 2024-02-04 | 5.1 MEDIUM | N/A |
The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page. |