Vulnerabilities (CVE)

Filtered by vendor Adobe Subscribe
Total 5691 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-4819 1 Adobe 1 Flash Player 2024-02-28 6.8 MEDIUM N/A
Unspecified vulnerability in Adobe Flash Player 9.0.124.0 and earlier makes it easier for remote attackers to conduct DNS rebinding attacks via unknown vectors.
CVE-2009-2994 1 Adobe 2 Acrobat, Acrobat Reader 2024-02-28 9.3 HIGH N/A
Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.
CVE-2009-2980 1 Adobe 2 Acrobat, Acrobat Reader 2024-02-28 9.3 HIGH N/A
Integer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors.
CVE-2009-4195 1 Adobe 1 Illustrator 2024-02-28 9.3 HIGH N/A
Buffer overflow in Adobe Illustrator CS4 14.0.0, CS3 13.0.3 and earlier, and CS3 13.0.0 allows remote attackers to execute arbitrary code via a long DSC comment in an Encapsulated PostScript (.eps) file. NOTE: some of these details are obtained from third party information.
CVE-2008-2042 1 Adobe 2 Acrobat, Acrobat Reader 2024-02-28 9.3 HIGH N/A
The Javascript API in Adobe Acrobat Professional 7.0.9 and possibly 8.1.1 exposes a dangerous method, which allows remote attackers to execute arbitrary commands or trigger a buffer overflow via a crafted PDF file that invokes app.checkForUpdate with a malicious callback function.
CVE-2008-4817 1 Adobe 3 Acrobat, Acrobat Reader, Download Manager 2024-02-28 9.3 HIGH N/A
The Download Manager in Adobe Acrobat Professional and Reader 8.1.2 and earlier allows remote attackers to execute arbitrary code via a crafted PDF document that calls an AcroJS function with a long string argument, triggering heap corruption.
CVE-2009-2988 1 Adobe 2 Acrobat, Acrobat Reader 2024-02-28 4.3 MEDIUM N/A
Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which allows attackers to cause a denial of service via unspecified vectors.
CVE-2009-0509 1 Adobe 2 Acrobat, Acrobat Reader 2024-02-28 9.3 HIGH N/A
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows remote attackers to execute arbitrary code via a crafted file that triggers memory corruption.
CVE-2008-1765 1 Adobe 1 Photoshop 2024-02-28 9.3 HIGH N/A
Buffer overflow in Adobe Photoshop Album Starter Edition 3.2, and possibly After Effects CS3, allows user-assisted remote attackers and physically proximate attackers to execute arbitrary code via a BMP file with an invalid image header. NOTE: the related issue in Photoshop CS3 is already covered by CVE-2007-2244.
CVE-2009-1874 1 Adobe 1 Jrun 2024-02-28 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in the Management Console in Adobe JRun 4.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2008-4401 1 Adobe 1 Flash Player 2024-02-28 10.0 HIGH N/A
ActionScript in Adobe Flash Player 9.0.124.0 and earlier does not require user interaction in conjunction with (1) the FileReference.browse operation in the FileReference upload API or (2) the FileReference.download operation in the FileReference download API, which allows remote attackers to create a browse dialog box, and possibly have unspecified other impact, via an SWF file.
CVE-2008-1656 1 Adobe 1 Coldfusion 2024-02-28 7.5 HIGH N/A
Adobe ColdFusion 8 and 8.0.1 does not properly implement the public access level for CFC methods, which allows remote attackers to invoke these methods via Flex 2 remoting, a different vulnerability than CVE-2006-4725.
CVE-2008-5361 1 Adobe 2 Air, Flash Player 2024-02-28 4.3 MEDIUM N/A
The ActionScript 2 virtual machine in Adobe Flash Player 10.x before 10.0.12.36 and 9.x before 9.0.151.0, and Adobe AIR before 1.5, does not verify a member element's size when performing (1) DefineConstantPool, (2) ActionJump, (3) ActionPush, (4) ActionTry, and unspecified other actions, which allows remote attackers to read sensitive data from process memory via a crafted PDF file.
CVE-2009-3458 1 Adobe 2 Acrobat, Acrobat Reader 2024-02-28 9.3 HIGH N/A
Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2998.
CVE-2007-6432 1 Adobe 1 Pagemaker 2024-02-28 9.3 HIGH N/A
Stack-based buffer overflow in AldFs32.dll in Adobe PageMaker 7.0.1 and 7.0.2 allows user-assisted remote attackers to execute arbitrary code via a malformed .PMD file, related to "Key Strings," a different vulnerability than CVE-2007-5169 and CVE-2007-5394.
CVE-2009-1870 1 Adobe 3 Air, Flash Player, Flex 2024-02-28 4.9 MEDIUM N/A
Adobe Flash Player before 9.0.246.0 and 10.x before 10.0.32.18, and Adobe AIR before 1.5.2, allows attackers to obtain sensitive information via vectors involving saving an SWF file to a hard drive, related to a "local sandbox vulnerability."
CVE-2008-1201 1 Adobe 1 Flash 2024-02-28 6.8 MEDIUM N/A
Multiple unspecified vulnerabilities in FLA file parsing in Adobe Flash CS3 Professional, Flash Professional 8, and Flash Basic 8 on Windows allow user-assisted remote attackers to execute arbitrary code via a crafted .FLA file.
CVE-2009-0198 1 Adobe 2 Acrobat, Acrobat Reader 2024-02-28 9.3 HIGH N/A
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF file that contains JBIG2 text region segments with Huffman encoding.
CVE-2009-3799 1 Adobe 2 Adobe Air, Flash Player 2024-02-28 9.3 HIGH N/A
Integer overflow in the Verifier::parseExceptionHandlers function in Adobe Flash Player before 10.0.42.34 and Adobe AIR before 1.5.3 allows remote attackers to execute arbitrary code via an SWF file with a large exception_count value that triggers memory corruption, related to "generation of ActionScript exception handlers."
CVE-2009-0524 1 Adobe 2 Robohelp, Robohelp Server 2024-02-28 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 6 and 7, and RoboHelp Server 6 and 7, allows remote attackers to inject arbitrary web script or HTML via vectors involving files produced by RoboHelp.