Vulnerabilities (CVE)

Filtered by vendor Adobe Subscribe
Total 6185 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2004-0631 1 Adobe 1 Acrobat Reader 2025-04-03 10.0 HIGH N/A
Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via a long filename for the PDF file that is provided to the uudecode command.
CVE-2006-1788 1 Adobe 1 Document Server 2025-04-03 2.6 LOW N/A
Adobe Document Server for Reader Extensions 6.0, during log on, provides different error messages depending on whether the user ID is valid or invalid, which allows remote attackers to more easily identify valid user IDs via brute force attacks.
CVE-2006-3452 1 Adobe 2 Acrobat, Acrobat Reader 2025-04-03 4.6 MEDIUM N/A
Adobe Reader and Acrobat 6.0.4 and earlier, on Mac OSX, has insecure file and directory permissions, which allows local users to gain privileges by overwriting program files.
CVE-2006-3588 1 Adobe 1 Flash Player 2025-04-03 2.6 LOW N/A
Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to cause a denial of service (browser crash) via a malformed, compressed .swf file, a different issue than CVE-2006-3587.
CVE-2002-1017 1 Adobe 1 Digital Editions 2025-04-03 2.1 LOW N/A
Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup feature, capturing the encryption Challenge, and using the appropriate hash function to generate the activation code.
CVE-2003-0434 4 Adobe, Mandrakesoft, Redhat and 1 more 7 Acrobat, Mandrake Linux, Mandrake Linux Corporate Server and 4 more 2025-04-03 7.5 HIGH N/A
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
CVE-2005-0035 1 Adobe 1 Acrobat Reader 2025-04-03 5.1 MEDIUM N/A
The Acrobat web control in Adobe Acrobat and Acrobat Reader 7.0 and earlier, when used with Internet Explorer, allows remote attackers to determine the existence of arbitrary files via the LoadFile ActiveX method.
CVE-2000-0713 1 Adobe 3 Acrobat, Acrobat Business Tools, Acrobat Reader 2025-04-03 7.6 HIGH N/A
Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fill In products that handle PDF files allows attackers to execute arbitrary commands via a long /Registry or /Ordering specifier.
CVE-2002-1601 1 Adobe 1 Photodeluxe 2025-04-03 5.1 MEDIUM N/A
The Connectables feature in Adobe PhotoDeluxe 3.1 prepends the Adobe directory to the CLASSPATH environment variable, which allows applets to run with higher privileges and remote attackers to gain privileges via an HTML e-mail message or a web page.
CVE-2004-1152 1 Adobe 1 Acrobat Reader 2025-04-03 10.0 HIGH N/A
Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary code via an e-mail message with a crafted PDF attachment.
CVE-2005-1306 1 Adobe 2 Acrobat, Acrobat Reader 2025-04-03 5.0 MEDIUM 7.5 HIGH
The Adobe Reader control in Adobe Reader and Acrobat 7.0 and 7.0.1 allows remote attackers to determine the existence of files via Javascript containing XML script, aka the "XML External Entity vulnerability."
CVE-1999-1576 1 Adobe 1 Acrobat Reader 2025-04-03 7.5 HIGH N/A
Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, PDF.PdfCtrl.1) 1.3.188 for Acrobat Reader 4.0 allows remote attackers to execute arbitrary code via the pdf.setview method.
CVE-2004-1153 1 Adobe 1 Acrobat Reader 2025-04-03 10.0 HIGH N/A
Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via an .ETD document containing format string specifiers in (1) title or (2) baseurl fields.
CVE-2003-0508 1 Adobe 1 Acrobat Reader 2025-04-03 7.5 HIGH N/A
Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earlier allows remote attackers to execute arbitrary code via a .pdf file with a long mailto link.
CVE-2005-1841 1 Adobe 1 Acrobat Reader 2025-04-03 2.1 LOW N/A
The control for Adobe Reader 5.0.9 and 5.0.10 on Linux, Solaris, HP-UX, and AIX creates temporary files with the permissions as specified in a user's umask, which could allow local users to read PDF documents of that user if the umask allows it.
CVE-2006-1785 1 Adobe 1 Document Server 2025-04-03 2.1 LOW N/A
Adobe Document Server for Reader Extensions 6.0 allows remote authenticated users to inject arbitrary web script via a leading (1) ftp or (2) http URI in the ReaderURL variable in the "Update Download Site" section of ads-readerext. NOTE: it is not clear whether the vendor advisory addresses this issue. In addition, since the issue requires administrative privileges to exploit, it is not clear whether this crosses security boundaries.
CVE-2004-1598 1 Adobe 2 Acrobat, Acrobat Reader 2025-04-03 5.0 MEDIUM N/A
Adobe Acrobat and Acrobat Reader 6.0 allow remote attackers to read arbitrary files via a PDF file that contains an embedded Shockwave (swf) file that references files outside of the temporary directory.
CVE-2006-3093 1 Adobe 1 Acrobat Reader 2025-04-03 6.8 MEDIUM N/A
Multiple unspecified vulnerabilities in Adobe Acrobat Reader (acroread) before 7.0.8 have unknown impact and unknown vectors.
CVE-2004-0630 1 Adobe 1 Acrobat Reader 2025-04-03 10.0 HIGH N/A
The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those before 5.0.9, allows remote attackers to execute arbitrary code via shell metacharacters ("`" or backtick) in the filename of the PDF file that is provided to the uudecode command.
CVE-2005-1625 1 Adobe 1 Acrobat Reader 2025-04-03 5.0 MEDIUM N/A
Stack-based buffer overflow in the UnixAppOpenFilePerform function in Adobe Reader 5.0.9 and 5.0.10 for Unix allows remote attackers to execute arbitrary code via a PDF document with a long /Filespec tag.