Vulnerabilities (CVE)

Filtered by vendor Adobe Subscribe
Total 5743 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-0726 1 Adobe 2 Acrobat, Acrobat Reader 2024-11-21 9.3 HIGH N/A
Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption.
CVE-2008-0667 1 Adobe 1 Acrobat Reader 2024-11-21 4.3 MEDIUM N/A
The DOC.print function in the Adobe JavaScript API, as used by Adobe Acrobat and Reader before 8.1.2, allows remote attackers to configure silent non-interactive printing, and trigger the printing of an arbitrary number of copies of a document. NOTE: this issue might be subsumed by CVE-2008-0655.
CVE-2008-0655 1 Adobe 2 Acrobat, Acrobat Reader 2024-11-21 9.3 HIGH 9.8 CRITICAL
Multiple unspecified vulnerabilities in Adobe Reader and Acrobat before 8.1.2 have unknown impact and attack vectors.
CVE-2008-0644 1 Adobe 1 Coldfusion 2024-11-21 5.0 MEDIUM N/A
Adobe ColdFusion MX 7 and ColdFusion 8 allows remote attackers to bypass the cross-site scripting (XSS) protection mechanism for applications via unspecified vectors related to the setEncoding function.
CVE-2008-0643 1 Adobe 1 Coldfusion 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Adobe ColdFusion MX 7 and ColdFusion 8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-0642 1 Adobe 1 Robohelp 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in files created by Adobe RoboHelp 6 and 7, possibly involving use of a (1) WebHelp5 (WebHelp5Ext) or (2) WildFire (WildFireExt) extension, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2007-1280.
CVE-2007-6637 1 Adobe 1 Flash Player 2024-11-21 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player allow remote attackers to inject arbitrary web script or HTML via a crafted SWF file, related to "pre-generated SWF files" and Adobe Dreamweaver CS3 or Adobe Acrobat Connect. NOTE: the asfunction: vector is already covered by CVE-2007-6244.1.
CVE-2007-6432 1 Adobe 1 Pagemaker 2024-11-21 9.3 HIGH N/A
Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted remote attackers to execute arbitrary code via a malformed .PMD file, related to "Key Strings," a different vulnerability than CVE-2007-5169 and CVE-2007-5394.
CVE-2007-6431 1 Adobe 2 Connect Enterprise Server, Flash Media Server 2 2024-11-21 10.0 HIGH N/A
Unspecified vulnerability in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to "take control of the affected system" via unspecified vectors, a different issue than CVE-2007-6148 and CVE-2007-6149.
CVE-2007-6253 1 Adobe 2 Form Client, Form Designer 2024-11-21 9.3 HIGH N/A
Multiple buffer overflows in Adobe Form Designer 5.0 and Form Client 5.0 allow remote attackers to execute arbitrary code via unknown vectors in the (1) Adobe File Dialog Button (FileDlg.dll) and the (2) Adobe Copy to Server Object (SvrCopy.dll) ActiveX controls.
CVE-2007-6246 2 Adobe, Linux 2 Flash Player, Linux Kernel 2024-11-21 4.4 MEDIUM N/A
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0, when running on Linux, uses insecure permissions for memory, which might allow local users to gain privileges.
CVE-2007-6245 1 Adobe 1 Flash Player 2024-11-21 5.8 MEDIUM N/A
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 allows remote attackers to modify HTTP headers for client requests and conduct HTTP Request Splitting attacks.
CVE-2007-6244 1 Adobe 1 Flash Player 2024-11-21 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Adobe Flash Player 9.x up to 9.0.48.0 and 8.x up to 8.0.35.0 allow remote attackers to inject arbitrary web script or HTML via (1) a SWF file that uses the asfunction: protocol or (2) the navigateToURL function when used with the Flash Player ActiveX Control in Internet Explorer.
CVE-2007-6243 1 Adobe 1 Flash Player 2024-11-21 9.3 HIGH N/A
Adobe Flash Player 9.x up to 9.0.48.0, 8.x up to 8.0.35.0, and 7.x up to 7.0.70.0 does not sufficiently restrict the interpretation and usage of cross-domain policy files, which makes it easier for remote attackers to conduct cross-domain and cross-site scripting (XSS) attacks.
CVE-2007-6242 1 Adobe 1 Flash Player 2024-11-21 6.8 MEDIUM N/A
Unspecified vulnerability in Adobe Flash Player 9.0.48.0 and earlier might allow remote attackers to execute arbitrary code via unknown vectors, related to "input validation errors."
CVE-2007-6149 1 Adobe 2 Connect Enterprise Server, Flash Media Server 2 2024-11-21 10.0 HIGH N/A
Multiple integer overflows in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allow remote attackers to execute arbitrary code via a Real Time Message Protocol (RTMP) message with a crafted integer field that is used for allocation.
CVE-2007-6148 1 Adobe 2 Connect Enterprise Server, Flash Media Server 2 2024-11-21 10.0 HIGH N/A
Use-after-free vulnerability in the Edge server in Adobe Flash Media Server 2 before 2.0.5, and Connect Enterprise Server 6 before SP3, allows remote attackers to execute arbitrary code via an unspecified sequence of Real Time Message Protocol (RTMP) requests.
CVE-2007-6021 1 Adobe 1 Pagemaker 2024-11-21 9.3 HIGH N/A
Heap-based buffer overflow in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted remote attackers to execute arbitrary code via a .PMD file with a crafted font structure.
CVE-2007-6019 1 Adobe 4 Air, Flash, Flash Player and 1 more 2024-11-21 9.3 HIGH N/A
Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via an SWF file with a modified DeclareFunction2 Actionscript tag, which prevents an object from being instantiated properly.
CVE-2007-5941 1 Adobe 1 Shockwave Player 2024-11-21 10.0 HIGH N/A
Stack-based buffer overflow in the SWCtl.SWCtl ActiveX control in Adobe Shockwave allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument to the ShockwaveVersion method.