Vendor CVEs
Adobe Inc.
All CVEs
7,262 total · sorted by risk| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2003-0284 | 0.00 | — | 0.02 | Jun 16, 2003 | Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus. | |||
| CVE-2002-0030 | 0.00 | — | 0.01 | Apr 2, 2003 | The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe. | |||
| CVE-2002-1764 | 0.00 | — | 0.01 | Dec 31, 2002 | acroread in Adobe Acrobat Reader 4.05 on Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||
| CVE-2002-1020 | 0.00 | — | 0.02 | Oct 4, 2002 | The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the server reports that no more copies are available. | |||
| CVE-2002-1017 | 0.00 | — | 0.00 | Oct 4, 2002 | Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup feature, capturing the encryption Challenge, and using the appropriate hash function to generate the activation code. | |||
| CVE-2002-1018 | 0.00 | — | 0.02 | Oct 4, 2002 | The library feature for Adobe Content Server 3.0 does not verify if a customer has already checked out an eBook, which allows remote attackers to cause a denial of service (resource exhaustion) by checking out the same book multiple times. | |||
| CVE-2002-1019 | 0.00 | — | 0.03 | Oct 4, 2002 | The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook for an arbitrary length of time via a modified loanMin parameter to download.asp. | |||
| CVE-2002-1601 | 0.00 | — | 0.02 | Feb 9, 2002 | The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page. | |||
| CVE-2001-1069 | 0.00 | — | 0.01 | Aug 31, 2001 | libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior. | |||
| CVE-2001-1427 | 0.00 | — | 0.02 | Jul 11, 2001 | Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors. | |||
| CVE-2000-0713 | 0.00 | — | 0.05 | Oct 20, 2000 | Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fill In products that handle PDF files allows attackers to execute arbitrary commands via a long /Registry or /Ordering specifier. | |||
| CVE-1999-0133 | 0.00 | — | 0.01 | Aug 14, 1996 | fm_fls license server for Adobe Framemaker allows local users to overwrite arbitrary files and gain root access. |
- CVE-2003-0284Jun 16, 2003risk 0.00cvss —epss 0.02
Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus.
- CVE-2002-0030Apr 2, 2003risk 0.00cvss —epss 0.01
The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe.
- CVE-2002-1764Dec 31, 2002risk 0.00cvss —epss 0.01
acroread in Adobe Acrobat Reader 4.05 on Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files.
- CVE-2002-1020Oct 4, 2002risk 0.00cvss —epss 0.02
The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the server reports that no more copies are available.
- CVE-2002-1017Oct 4, 2002risk 0.00cvss —epss 0.00
Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup feature, capturing the encryption Challenge, and using the appropriate hash function to generate the activation code.
- CVE-2002-1018Oct 4, 2002risk 0.00cvss —epss 0.02
The library feature for Adobe Content Server 3.0 does not verify if a customer has already checked out an eBook, which allows remote attackers to cause a denial of service (resource exhaustion) by checking out the same book multiple times.
- CVE-2002-1019Oct 4, 2002risk 0.00cvss —epss 0.03
The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook for an arbitrary length of time via a modified loanMin parameter to download.asp.
- CVE-2002-1601Feb 9, 2002risk 0.00cvss —epss 0.02
The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page.
- CVE-2001-1069Aug 31, 2001risk 0.00cvss —epss 0.01
libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior.
- CVE-2001-1427Jul 11, 2001risk 0.00cvss —epss 0.02
Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors.
- CVE-2000-0713Oct 20, 2000risk 0.00cvss —epss 0.05
Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fill In products that handle PDF files allows attackers to execute arbitrary commands via a long /Registry or /Ordering specifier.
- CVE-1999-0133Aug 14, 1996risk 0.00cvss —epss 0.01
fm_fls license server for Adobe Framemaker allows local users to overwrite arbitrary files and gain root access.
Page 146 of 146