ReportizFlow
Filtered by vendor Adobe
Subscriptions
Total
7056 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2005-3525 | 1 Adobe | 1 Shockwave Player | 2025-04-03 | N/A |
| Stack-based buffer overflow in an ActiveX control for the installer for Adobe Macromedia Shockwave Player 10.1.0.11 and earlier allows remote attackers to execute arbitrary code via crafted large values for unspecified parameters. | ||||
| CVE-2006-1787 | 1 Adobe | 1 Document Server | 2025-04-03 | N/A |
| Adobe Document Server for Reader Extensions 6.0 includes a user's session (jsession) ID in the HTTP Referer header, which allows remote attackers to gain access to PDF files that are being processed within that session. | ||||
| CVE-2001-1069 | 1 Adobe | 1 Acrobat Reader | 2025-04-03 | N/A |
| libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior. | ||||
| CVE-2006-3311 | 2 Adobe, Redhat | 3 Flash Player, Flex Sdk, Rhel Extras | 2025-04-03 | N/A |
| Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie. | ||||
| CVE-2006-3452 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-03 | N/A |
| Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure file and directory permissions, which allows local users to gain privileges by overwriting program files. | ||||
| CVE-2004-0629 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-03 | N/A |
| Buffer overflow in the ActiveX component (pdf.ocx) for Adobe Acrobat 5.0.5 and Acrobat Reader, and possibly other versions, allows remote attackers to execute arbitrary code via a URI for a PDF file with a null terminator (%00) followed by a long string. | ||||
| CVE-2006-1786 | 1 Adobe | 1 Document Server | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe Document Server for Reader Extensions 6.0 allows remote attackers to inject arbitrary web script or HTML via (1) the actionID parameter in ads-readerext and (2) the op parameter in AlterCast. NOTE: it is not clear whether the vendor advisory addresses this issue. | ||||
| CVE-2004-1598 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-03 | N/A |
| Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read arbitrary files via a PDF file that contains an embedded Shockwave (swf) file that references files outside of the temporary directory. | ||||
| CVE-2005-4708 | 1 Adobe | 9 Captivate, Contribute, Director and 6 more | 2025-04-03 | N/A |
| Adobe Macromedia MX 2004 products, Captivate, Contribute 2, Contribute 3, and eLicensing client install the Macromedia Licensing Service with the Users group permitted to configure the service, including the path to executable, which allows local users to execute arbitrary code as Local System. | ||||
| CVE-2004-1152 | 2 Adobe, Redhat | 2 Acrobat Reader, Rhel Extras | 2025-04-03 | N/A |
| Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary code via an e-mail message with a crafted PDF attachment. | ||||
| CVE-2002-1017 | 1 Adobe | 1 Digital Editions | 2025-04-03 | N/A |
| Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup feature, capturing the encryption Challenge, and using the appropriate hash function to generate the activation code. | ||||
| CVE-2002-0030 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2025-04-03 | N/A |
| The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe. | ||||
| CVE-2004-0630 | 2 Adobe, Redhat | 2 Acrobat Reader, Rhel Extras | 2025-04-03 | N/A |
| The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode command. | ||||
| CVE-2002-1601 | 1 Adobe | 1 Photodeluxe | 2025-04-03 | N/A |
| The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page. | ||||
| CVE-2005-0492 | 1 Adobe | 1 Acrobat Reader | 2025-04-03 | N/A |
| Adobe Acrobat Reader 6.0.3 and 7.0.0 allows remote attackers to cause a denial of service (application crash) via a PDF file that contains a negative Count value in the root page node. | ||||
| CVE-2006-3588 | 2 Adobe, Redhat | 2 Flash Player, Rhel Extras | 2025-04-03 | N/A |
| Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to cause a denial of service (browser crash) via a malformed, compressed .swf file, a different issue than CVE-2006-3587. | ||||
| CVE-2002-1016 | 1 Adobe | 1 Digital Editions | 2025-04-03 | N/A |
| Adobe eBook Reader allows a user to bypass restrictions for copy, print, lend, and give operations by backing up key data files, performing the operations, and restoring the original data files. | ||||
| CVE-2006-3093 | 1 Adobe | 1 Acrobat Reader | 2025-04-03 | N/A |
| Multiple unspecified vulnerabilities in Adobe Acrobat Reader (acroread) before 7.0.8 have unknown impact and unknown vectors. | ||||
| CVE-2006-4726 | 1 Adobe | 1 Coldfusion | 2025-04-03 | N/A |
| Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 6.1 through 7.02 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a ColdFusion error page. | ||||
| CVE-2003-0142 | 1 Adobe | 1 Acrobat Reader | 2025-04-03 | N/A |
| Adobe Acrobat Reader (acroread) 6, under certain circumstances when running with the "Certified plug-ins only" option disabled, loads plug-ins with signatures used for older versions of Acrobat, which can allow attackers to cause Acrobat to enter Certified mode and run untrusted plugins by modifying the CTIsCertifiedMode function. | ||||