Total
1609 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-4892 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2018-03-16 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JBIG2 decoder. The vulnerability is triggered by a crafted PDF file that contains a malformed JBIG2 stream. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2018-4891 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2018-03-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the XPS module that handles TIFF data. A successful attack can lead to sensitive data exposure. | |||||
| CVE-2018-4907 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2018-03-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the TIFF processing in the XPS module. A successful attack can lead to sensitive data exposure. | |||||
| CVE-2018-4909 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2018-03-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion module when processing metadata in JPEG images. A successful attack can lead to sensitive data exposure. | |||||
| CVE-2018-4911 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2018-03-16 | 6.8 MEDIUM | 8.8 HIGH |
| An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability is an instance of a use after free vulnerability in the JavaScript API related to bookmark functionality. The vulnerability is triggered by crafted JavaScript code embedded within a PDF file. A successful attack can lead to code corruption, control-flow hijack, or a code re-use attack. | |||||
| CVE-2018-4912 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2018-03-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion module that handles JPEG 2000 data. A successful attack can lead to sensitive data exposure. | |||||
| CVE-2018-4886 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2018-03-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation occurs in the image conversion engine when processing Enhanced Metafile Format (EMF) data related to handling of bitmap rectangles. A successful attack can lead to sensitive data exposure. | |||||
| CVE-2018-4882 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2018-03-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the string literal parser. A successful attack can lead to sensitive data exposure. | |||||
| CVE-2018-4881 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2018-03-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion module that reads bitmap image file (BMP) data. A successful attack can lead to sensitive data exposure. | |||||
| CVE-2018-4883 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2018-03-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs because of computation that reads data that is past the end of the target buffer; the computation is part of the image conversion engine that handles Enhanced Metafile Format (EMF). A successful attack can lead to sensitive data exposure. | |||||
| CVE-2018-4880 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2018-03-16 | 4.3 MEDIUM | 6.5 MEDIUM |
| An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. This vulnerability occurs as a result of computation that reads data that is past the end of the target buffer; the computation is part of the conversion module that reads U3D data. A successful attack can lead to sensitive data exposure. | |||||
| CVE-2018-4879 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2018-03-16 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in Adobe Acrobat Reader 2018.009.20050 and earlier versions, 2017.011.30070 and earlier versions, 2015.006.30394 and earlier versions. The vulnerability is caused by the computation that writes data past the end of the intended buffer; the computation is part of the image conversion module that processes Enhanced Metafile Format Plus (EMF+) data. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code. | |||||
| CVE-2016-1051 | 3 Adobe, Apple, Microsoft | 6 Acrobat, Acrobat Dc, Acrobat Reader Dc and 3 more | 2018-02-03 | 10.0 HIGH | 9.8 CRITICAL |
| Use-after-free vulnerability in Adobe Reader and Acrobat before 11.0.16, Acrobat and Acrobat Reader DC Classic before 15.006.30172, and Acrobat and Acrobat Reader DC Continuous before 15.016.20039 on Windows and OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2016-1045, CVE-2016-1046, CVE-2016-1047, CVE-2016-1048, CVE-2016-1049, CVE-2016-1050, CVE-2016-1052, CVE-2016-1053, CVE-2016-1054, CVE-2016-1055, CVE-2016-1056, CVE-2016-1057, CVE-2016-1058, CVE-2016-1059, CVE-2016-1060, CVE-2016-1061, CVE-2016-1065, CVE-2016-1066, CVE-2016-1067, CVE-2016-1068, CVE-2016-1069, CVE-2016-1070, CVE-2016-1075, CVE-2016-1094, CVE-2016-1121, CVE-2016-1122, CVE-2016-4102, and CVE-2016-4107. | |||||
| CVE-2017-11293 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2017-12-22 | 10.0 HIGH | 9.8 CRITICAL |
| An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. An exploitable memory corruption vulnerability exists. Successful exploitation could lead to arbitrary code execution. | |||||
| CVE-2017-16406 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2017-12-15 | 9.3 HIGH | 8.8 HIGH |
| An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability is an instance of a type confusion vulnerability in the EMF processing module. The issue causes the program to access an object using an incompatible type, leading to an out of bounds memory access. Attackers can exploit the vulnerability by using the out of bounds access for unintended reads, writes, or frees -- potentially leading to code corruption, control-flow hijack, or information leak attack. | |||||
| CVE-2017-16414 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2017-12-15 | 9.3 HIGH | 8.8 HIGH |
| An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is a part of the JavaScript API module responsible for form field computation. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure. | |||||
| CVE-2017-16410 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2017-12-15 | 9.3 HIGH | 8.8 HIGH |
| An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is a result of untrusted input that is used to calculate an array index; the calculation occurs in the image conversion module, when processing GIF files. The vulnerability leads to an operation that can write to a memory location that is outside of the memory addresses allocated for the data structure. The specific scenario leads to a write access to a memory location that does not belong to the relevant process address space. | |||||
| CVE-2017-16416 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2017-12-15 | 9.3 HIGH | 8.8 HIGH |
| An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a computation that writes data past the end of the intended buffer; the computation is part of the image conversion module that handles Enhanced Metafile Format Plus (EMF+) data. The vulnerability is a result of an out of range pointer offset that is used to access sub-elements of an internal data structure. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code. | |||||
| CVE-2017-16415 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2017-12-15 | 9.3 HIGH | 8.8 HIGH |
| An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. The vulnerability is caused by a computation that writes data past the end of the intended buffer; the computation is a part of the functionality that handles font encodings. The vulnerability is a result of out of range pointer offset that is used to access sub-elements of an internal data structure. An attacker can potentially leverage the vulnerability to corrupt sensitive data or execute arbitrary code. | |||||
| CVE-2017-16418 | 1 Adobe | 4 Acrobat, Acrobat Dc, Acrobat Reader and 1 more | 2017-12-15 | 9.3 HIGH | 8.8 HIGH |
| An issue was discovered in Adobe Acrobat and Reader: 2017.012.20098 and earlier versions, 2017.011.30066 and earlier versions, 2015.006.30355 and earlier versions, and 11.0.22 and earlier versions. This vulnerability occurs as a result of a computation that reads data that is past the end of the target buffer; the computation is a part of the image conversion module that handles XPS files. The use of an invalid (out-of-range) pointer offset during access of internal data structure fields causes the vulnerability. A successful attack can lead to sensitive data exposure. | |||||