VYPR

Vendor CVEs

Adobe Inc.

All CVEs

7,262 total · sorted by risk
  • CVE-2003-0284Jun 16, 2003
    risk 0.00cvss epss 0.02

    Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus.

  • CVE-2002-0030Apr 2, 2003
    risk 0.00cvss epss 0.01

    The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe.

  • CVE-2002-1764Dec 31, 2002
    risk 0.00cvss epss 0.01

    acroread in Adobe Acrobat Reader 4.05 on Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files.

  • CVE-2002-1020Oct 4, 2002
    risk 0.00cvss epss 0.02

    The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the server reports that no more copies are available.

  • CVE-2002-1017Oct 4, 2002
    risk 0.00cvss epss 0.00

    Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup feature, capturing the encryption Challenge, and using the appropriate hash function to generate the activation code.

  • CVE-2002-1018Oct 4, 2002
    risk 0.00cvss epss 0.02

    The library feature for Adobe Content Server 3.0 does not verify if a customer has already checked out an eBook, which allows remote attackers to cause a denial of service (resource exhaustion) by checking out the same book multiple times.

  • CVE-2002-1019Oct 4, 2002
    risk 0.00cvss epss 0.03

    The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook for an arbitrary length of time via a modified loanMin parameter to download.asp.

  • CVE-2002-1601Feb 9, 2002
    risk 0.00cvss epss 0.02

    The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page.

  • CVE-2001-1069Aug 31, 2001
    risk 0.00cvss epss 0.01

    libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior.

  • CVE-2001-1427Jul 11, 2001
    risk 0.00cvss epss 0.02

    Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrite templates with zero byte files via unknown attack vectors.

  • CVE-2000-0713Oct 20, 2000
    risk 0.00cvss epss 0.05

    Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fill In products that handle PDF files allows attackers to execute arbitrary commands via a long /Registry or /Ordering specifier.

  • CVE-1999-0133Aug 14, 1996
    risk 0.00cvss epss 0.01

    fm_fls license server for Adobe Framemaker allows local users to overwrite arbitrary files and gain root access.

Page 146 of 146