Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2006-3459

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-03 Aug, 2006 | 01:00
Updated At-07 Aug, 2024 | 18:30
Rejected At-
Credits

Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:03 Aug, 2006 | 01:00
Updated At:07 Aug, 2024 | 18:30
Rejected At:
▼CVE Numbering Authority (CNA)

Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P
vendor-advisory
x_refsource_SGI
http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html
vendor-advisory
x_refsource_APPLE
http://www.vupen.com/english/advisories/2007/3486
vdb-entry
x_refsource_VUPEN
http://secunia.com/advisories/21501
third-party-advisory
x_refsource_SECUNIA
http://www.mandriva.com/security/advisories?name=MDKSA-2006:136
vendor-advisory
x_refsource_MANDRIVA
http://secunia.com/advisories/21537
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/21632
third-party-advisory
x_refsource_SECUNIA
http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml
vendor-advisory
x_refsource_GENTOO
http://secunia.com/advisories/21338
third-party-advisory
x_refsource_SECUNIA
http://www.ubuntu.com/usn/usn-330-1
vendor-advisory
x_refsource_UBUNTU
http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2006/3101
vdb-entry
x_refsource_VUPEN
http://securitytracker.com/id?1016628
vdb-entry
x_refsource_SECTRACK
http://secunia.com/advisories/21253
third-party-advisory
x_refsource_SECUNIA
http://www.debian.org/security/2006/dsa-1137
vendor-advisory
x_refsource_DEBIAN
http://secunia.com/advisories/21370
third-party-advisory
x_refsource_SECUNIA
http://securitytracker.com/id?1016671
vdb-entry
x_refsource_SECTRACK
http://secunia.com/advisories/21598
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2006-0648.html
vendor-advisory
x_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDKSA-2006:137
vendor-advisory
x_refsource_MANDRIVA
http://www.securityfocus.com/bid/19289
vdb-entry
x_refsource_BID
http://secunia.com/advisories/27222
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2007/4034
vdb-entry
x_refsource_VUPEN
http://www.us-cert.gov/cas/techalerts/TA06-214A.html
third-party-advisory
x_refsource_CERT
http://www.novell.com/linux/security/advisories/2006_44_libtiff.html
vendor-advisory
x_refsource_SUSE
http://secunia.com/advisories/21290
third-party-advisory
x_refsource_SECUNIA
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11497
vdb-entry
signature
x_refsource_OVAL
http://secunia.com/advisories/21274
third-party-advisory
x_refsource_SECUNIA
http://www.vupen.com/english/advisories/2006/3105
vdb-entry
x_refsource_VUPEN
http://secunia.com/blog/76
x_refsource_MISC
http://secunia.com/advisories/27181
third-party-advisory
x_refsource_SECUNIA
http://www.redhat.com/support/errata/RHSA-2006-0603.html
vendor-advisory
x_refsource_REDHAT
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
vendor-advisory
x_refsource_SGI
http://secunia.com/advisories/21304
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/bid/19283
vdb-entry
x_refsource_BID
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600
vendor-advisory
x_refsource_SLACKWARE
https://issues.rpath.com/browse/RPL-558
x_refsource_CONFIRM
http://secunia.com/advisories/27832
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/21346
third-party-advisory
x_refsource_SECUNIA
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201331-1
vendor-advisory
x_refsource_SUNALERT
http://secunia.com/advisories/21319
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/21392
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/21334
third-party-advisory
x_refsource_SECUNIA
http://secunia.com/advisories/22036
third-party-advisory
x_refsource_SECUNIA
http://www.osvdb.org/27723
vdb-entry
x_refsource_OSVDB
http://lwn.net/Alerts/194228/
vendor-advisory
x_refsource_TRUSTIX
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103160-1
vendor-advisory
x_refsource_SUNALERT
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P
Resource:
vendor-advisory
x_refsource_SGI
Hyperlink: http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://www.vupen.com/english/advisories/2007/3486
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/advisories/21501
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:136
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://secunia.com/advisories/21537
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/21632
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: http://secunia.com/advisories/21338
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.ubuntu.com/usn/usn-330-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2006/3101
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://securitytracker.com/id?1016628
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://secunia.com/advisories/21253
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.debian.org/security/2006/dsa-1137
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: http://secunia.com/advisories/21370
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://securitytracker.com/id?1016671
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://secunia.com/advisories/21598
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0648.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:137
Resource:
vendor-advisory
x_refsource_MANDRIVA
Hyperlink: http://www.securityfocus.com/bid/19289
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/27222
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2007/4034
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA06-214A.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: http://www.novell.com/linux/security/advisories/2006_44_libtiff.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://secunia.com/advisories/21290
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11497
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://secunia.com/advisories/21274
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.vupen.com/english/advisories/2006/3105
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://secunia.com/blog/76
Resource:
x_refsource_MISC
Hyperlink: http://secunia.com/advisories/27181
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0603.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
Resource:
vendor-advisory
x_refsource_SGI
Hyperlink: http://secunia.com/advisories/21304
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/bid/19283
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600
Resource:
vendor-advisory
x_refsource_SLACKWARE
Hyperlink: https://issues.rpath.com/browse/RPL-558
Resource:
x_refsource_CONFIRM
Hyperlink: http://secunia.com/advisories/27832
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/21346
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-201331-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://secunia.com/advisories/21319
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/21392
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/21334
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://secunia.com/advisories/22036
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.osvdb.org/27723
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://lwn.net/Alerts/194228/
Resource:
vendor-advisory
x_refsource_TRUSTIX
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103160-1
Resource:
vendor-advisory
x_refsource_SUNALERT
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P
vendor-advisory
x_refsource_SGI
x_transferred
http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://www.vupen.com/english/advisories/2007/3486
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/advisories/21501
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2006:136
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://secunia.com/advisories/21537
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/21632
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
http://secunia.com/advisories/21338
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.ubuntu.com/usn/usn-330-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm
x_refsource_CONFIRM
x_transferred
http://www.vupen.com/english/advisories/2006/3101
vdb-entry
x_refsource_VUPEN
x_transferred
http://securitytracker.com/id?1016628
vdb-entry
x_refsource_SECTRACK
x_transferred
http://secunia.com/advisories/21253
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.debian.org/security/2006/dsa-1137
vendor-advisory
x_refsource_DEBIAN
x_transferred
http://secunia.com/advisories/21370
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://securitytracker.com/id?1016671
vdb-entry
x_refsource_SECTRACK
x_transferred
http://secunia.com/advisories/21598
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2006-0648.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.mandriva.com/security/advisories?name=MDKSA-2006:137
vendor-advisory
x_refsource_MANDRIVA
x_transferred
http://www.securityfocus.com/bid/19289
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/27222
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2007/4034
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.us-cert.gov/cas/techalerts/TA06-214A.html
third-party-advisory
x_refsource_CERT
x_transferred
http://www.novell.com/linux/security/advisories/2006_44_libtiff.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://secunia.com/advisories/21290
third-party-advisory
x_refsource_SECUNIA
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11497
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://secunia.com/advisories/21274
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.vupen.com/english/advisories/2006/3105
vdb-entry
x_refsource_VUPEN
x_transferred
http://secunia.com/blog/76
x_refsource_MISC
x_transferred
http://secunia.com/advisories/27181
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.redhat.com/support/errata/RHSA-2006-0603.html
vendor-advisory
x_refsource_REDHAT
x_transferred
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
vendor-advisory
x_refsource_SGI
x_transferred
http://secunia.com/advisories/21304
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/bid/19283
vdb-entry
x_refsource_BID
x_transferred
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600
vendor-advisory
x_refsource_SLACKWARE
x_transferred
https://issues.rpath.com/browse/RPL-558
x_refsource_CONFIRM
x_transferred
http://secunia.com/advisories/27832
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/21346
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201331-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://secunia.com/advisories/21319
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/21392
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/21334
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://secunia.com/advisories/22036
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.osvdb.org/27723
vdb-entry
x_refsource_OSVDB
x_transferred
http://lwn.net/Alerts/194228/
vendor-advisory
x_refsource_TRUSTIX
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103160-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P
Resource:
vendor-advisory
x_refsource_SGI
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/3486
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/advisories/21501
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:136
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://secunia.com/advisories/21537
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/21632
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: http://secunia.com/advisories/21338
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.ubuntu.com/usn/usn-330-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/3101
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://securitytracker.com/id?1016628
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://secunia.com/advisories/21253
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.debian.org/security/2006/dsa-1137
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: http://secunia.com/advisories/21370
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://securitytracker.com/id?1016671
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://secunia.com/advisories/21598
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0648.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:137
Resource:
vendor-advisory
x_refsource_MANDRIVA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/19289
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/27222
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2007/4034
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA06-214A.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: http://www.novell.com/linux/security/advisories/2006_44_libtiff.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://secunia.com/advisories/21290
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11497
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://secunia.com/advisories/21274
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2006/3105
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://secunia.com/blog/76
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://secunia.com/advisories/27181
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0603.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
Resource:
vendor-advisory
x_refsource_SGI
x_transferred
Hyperlink: http://secunia.com/advisories/21304
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/19283
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600
Resource:
vendor-advisory
x_refsource_SLACKWARE
x_transferred
Hyperlink: https://issues.rpath.com/browse/RPL-558
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://secunia.com/advisories/27832
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/21346
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-201331-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://secunia.com/advisories/21319
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/21392
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/21334
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://secunia.com/advisories/22036
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.osvdb.org/27723
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://lwn.net/Alerts/194228/
Resource:
vendor-advisory
x_refsource_TRUSTIX
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103160-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:03 Aug, 2006 | 01:04
Updated At:03 Apr, 2025 | 01:03

Multiple stack-based buffer overflows in the TIFF library (libtiff) before 3.8.2, as used in Adobe Reader 9.3.0 and other products, allow context-dependent attackers to execute arbitrary code or cause a denial of service via unspecified vectors, including a large tdir_count value in the TIFFFetchShortPair function in tif_dirread.c.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.07.5HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Type: Primary
Version: 2.0
Base score: 7.5
Base severity: HIGH
Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P
CPE Matches
LibTIFF
libtiff
>>libtiff>>Versions up to 3.8.1(inclusive)
cpe:2.3:a:libtiff:libtiff:*:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.4
cpe:2.3:a:libtiff:libtiff:3.4:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.4
cpe:2.3:a:libtiff:libtiff:3.4:beta18:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.4
cpe:2.3:a:libtiff:libtiff:3.4:beta24:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.4
cpe:2.3:a:libtiff:libtiff:3.4:beta28:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.4
cpe:2.3:a:libtiff:libtiff:3.4:beta29:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.4
cpe:2.3:a:libtiff:libtiff:3.4:beta31:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.4
cpe:2.3:a:libtiff:libtiff:3.4:beta32:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.4
cpe:2.3:a:libtiff:libtiff:3.4:beta34:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.4
cpe:2.3:a:libtiff:libtiff:3.4:beta35:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.4
cpe:2.3:a:libtiff:libtiff:3.4:beta36:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.4
cpe:2.3:a:libtiff:libtiff:3.4:beta37:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.1
cpe:2.3:a:libtiff:libtiff:3.5.1:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.2
cpe:2.3:a:libtiff:libtiff:3.5.2:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.3
cpe:2.3:a:libtiff:libtiff:3.5.3:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.4
cpe:2.3:a:libtiff:libtiff:3.5.4:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.5
cpe:2.3:a:libtiff:libtiff:3.5.5:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.6
cpe:2.3:a:libtiff:libtiff:3.5.6:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.6
cpe:2.3:a:libtiff:libtiff:3.5.6:beta:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.7
cpe:2.3:a:libtiff:libtiff:3.5.7:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.7
cpe:2.3:a:libtiff:libtiff:3.5.7:alpha:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.7
cpe:2.3:a:libtiff:libtiff:3.5.7:alpha2:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.7
cpe:2.3:a:libtiff:libtiff:3.5.7:alpha3:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.7
cpe:2.3:a:libtiff:libtiff:3.5.7:alpha4:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.5.7
cpe:2.3:a:libtiff:libtiff:3.5.7:beta:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.6.0
cpe:2.3:a:libtiff:libtiff:3.6.0:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.6.0
cpe:2.3:a:libtiff:libtiff:3.6.0:beta:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.6.0
cpe:2.3:a:libtiff:libtiff:3.6.0:beta2:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.6.1
cpe:2.3:a:libtiff:libtiff:3.6.1:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.7.0
cpe:2.3:a:libtiff:libtiff:3.7.0:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.7.0
cpe:2.3:a:libtiff:libtiff:3.7.0:alpha:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.7.0
cpe:2.3:a:libtiff:libtiff:3.7.0:beta:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.7.0
cpe:2.3:a:libtiff:libtiff:3.7.0:beta2:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.7.1
cpe:2.3:a:libtiff:libtiff:3.7.1:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.7.2
cpe:2.3:a:libtiff:libtiff:3.7.2:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.7.3
cpe:2.3:a:libtiff:libtiff:3.7.3:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.7.4
cpe:2.3:a:libtiff:libtiff:3.7.4:*:*:*:*:*:*:*
LibTIFF
libtiff
>>libtiff>>3.8.0
cpe:2.3:a:libtiff:libtiff:3.8.0:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>acrobat_reader>>9.3.0
cpe:2.3:a:adobe:acrobat_reader:9.3.0:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-119Primarynvd@nist.gov
CWE ID: CWE-119
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
Organization : Red Hat
Last Modified : 2007-03-14T00:00:00

Red Hat Enterprise Linux 5 is not vulnerable to this issue as it contains a backported patch.

References
HyperlinkSourceResource
ftp://patches.sgi.com/support/free/security/advisories/20060801-01-Psecalert@redhat.com
N/A
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.ascsecalert@redhat.com
N/A
http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.htmlsecalert@redhat.com
N/A
http://lwn.net/Alerts/194228/secalert@redhat.com
N/A
http://secunia.com/advisories/21253secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/21274secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/21290secalert@redhat.com
N/A
http://secunia.com/advisories/21304secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/21319secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/21334secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/21338secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/21346secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/21370secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/21392secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/21501secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/21537secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/21598secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/21632secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/22036secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/27181secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/27222secalert@redhat.com
Vendor Advisory
http://secunia.com/advisories/27832secalert@redhat.com
Vendor Advisory
http://secunia.com/blog/76secalert@redhat.com
Vendor Advisory
http://securitytracker.com/id?1016628secalert@redhat.com
N/A
http://securitytracker.com/id?1016671secalert@redhat.com
N/A
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600secalert@redhat.com
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103160-1secalert@redhat.com
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201331-1secalert@redhat.com
N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-166.htmsecalert@redhat.com
N/A
http://www.debian.org/security/2006/dsa-1137secalert@redhat.com
Patch
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200608-07.xmlsecalert@redhat.com
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:136secalert@redhat.com
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:137secalert@redhat.com
N/A
http://www.novell.com/linux/security/advisories/2006_44_libtiff.htmlsecalert@redhat.com
N/A
http://www.osvdb.org/27723secalert@redhat.com
N/A
http://www.redhat.com/support/errata/RHSA-2006-0603.htmlsecalert@redhat.com
N/A
http://www.redhat.com/support/errata/RHSA-2006-0648.htmlsecalert@redhat.com
N/A
http://www.securityfocus.com/bid/19283secalert@redhat.com
N/A
http://www.securityfocus.com/bid/19289secalert@redhat.com
N/A
http://www.ubuntu.com/usn/usn-330-1secalert@redhat.com
N/A
http://www.us-cert.gov/cas/techalerts/TA06-214A.htmlsecalert@redhat.com
US Government Resource
http://www.vupen.com/english/advisories/2006/3101secalert@redhat.com
N/A
http://www.vupen.com/english/advisories/2006/3105secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2007/3486secalert@redhat.com
Vendor Advisory
http://www.vupen.com/english/advisories/2007/4034secalert@redhat.com
Vendor Advisory
https://issues.rpath.com/browse/RPL-558secalert@redhat.com
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11497secalert@redhat.com
N/A
ftp://patches.sgi.com/support/free/security/advisories/20060801-01-Paf854a3a-2127-422b-91ae-364da2661108
N/A
ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.ascaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://lwn.net/Alerts/194228/af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/21253af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/21274af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/21290af854a3a-2127-422b-91ae-364da2661108
N/A
http://secunia.com/advisories/21304af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/21319af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/21334af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/21338af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/21346af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/21370af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/21392af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/21501af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/21537af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/21598af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/21632af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/22036af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/27181af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/27222af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/advisories/27832af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://secunia.com/blog/76af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://securitytracker.com/id?1016628af854a3a-2127-422b-91ae-364da2661108
N/A
http://securitytracker.com/id?1016671af854a3a-2127-422b-91ae-364da2661108
N/A
http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600af854a3a-2127-422b-91ae-364da2661108
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103160-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://sunsolve.sun.com/search/document.do?assetkey=1-66-201331-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://support.avaya.com/elmodocs2/security/ASA-2006-166.htmaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.debian.org/security/2006/dsa-1137af854a3a-2127-422b-91ae-364da2661108
Patch
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200608-07.xmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:136af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.mandriva.com/security/advisories?name=MDKSA-2006:137af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.novell.com/linux/security/advisories/2006_44_libtiff.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.osvdb.org/27723af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2006-0603.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.redhat.com/support/errata/RHSA-2006-0648.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/19283af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/19289af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.ubuntu.com/usn/usn-330-1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.us-cert.gov/cas/techalerts/TA06-214A.htmlaf854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.vupen.com/english/advisories/2006/3101af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.vupen.com/english/advisories/2006/3105af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2007/3486af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://www.vupen.com/english/advisories/2007/4034af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://issues.rpath.com/browse/RPL-558af854a3a-2127-422b-91ae-364da2661108
N/A
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11497af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P
Source: secalert@redhat.com
Resource: N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://lwn.net/Alerts/194228/
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/21253
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21274
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21290
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://secunia.com/advisories/21304
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21319
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21334
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21338
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21346
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21370
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21392
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21501
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21537
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21598
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21632
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22036
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/27181
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/27222
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/27832
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/blog/76
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://securitytracker.com/id?1016628
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://securitytracker.com/id?1016671
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103160-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-201331-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.debian.org/security/2006/dsa-1137
Source: secalert@redhat.com
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:136
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:137
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2006_44_libtiff.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.osvdb.org/27723
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0603.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0648.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/19283
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/19289
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/usn-330-1
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA06-214A.html
Source: secalert@redhat.com
Resource:
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2006/3101
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/3105
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2007/3486
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2007/4034
Source: secalert@redhat.com
Resource:
Vendor Advisory
Hyperlink: https://issues.rpath.com/browse/RPL-558
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11497
Source: secalert@redhat.com
Resource: N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20060801-01-P
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: ftp://patches.sgi.com/support/free/security/advisories/20060901-01-P.asc
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lists.apple.com/archives/security-announce/2006//Aug/msg00000.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://lwn.net/Alerts/194228/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/21253
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21274
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21290
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://secunia.com/advisories/21304
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21319
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21334
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21338
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21346
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21370
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21392
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21501
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21537
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21598
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/21632
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/22036
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/27181
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/27222
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/advisories/27832
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://secunia.com/blog/76
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://securitytracker.com/id?1016628
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://securitytracker.com/id?1016671
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://slackware.com/security/viewer.php?l=slackware-security&y=2006&m=slackware-security.536600
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-103160-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-66-201331-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.avaya.com/elmodocs2/security/ASA-2006-166.htm
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.debian.org/security/2006/dsa-1137
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Patch
Vendor Advisory
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:136
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.mandriva.com/security/advisories?name=MDKSA-2006:137
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.novell.com/linux/security/advisories/2006_44_libtiff.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.osvdb.org/27723
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0603.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.redhat.com/support/errata/RHSA-2006-0648.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/19283
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/19289
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.ubuntu.com/usn/usn-330-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA06-214A.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2006/3101
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.vupen.com/english/advisories/2006/3105
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2007/3486
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://www.vupen.com/english/advisories/2007/4034
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: https://issues.rpath.com/browse/RPL-558
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11497
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

2552Records found
CVE-2020-3785
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-10.06% / 92.78%
||
7 Day CHG~0.00%
Published-25 Mar, 2020 | 20:31
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-photoshop_2020windowsphotoshop_ccmacosAdobe Photoshop
CWE ID-CWE-787
Out-of-bounds Write
CVE-2012-2088
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-2.78% / 85.49%
||
7 Day CHG~0.00%
Published-22 Jul, 2012 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer signedness error in the TIFFReadDirectory function in tif_dirread.c in libtiff 3.9.4 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a negative tile depth in a tiff image, which triggers an improper conversion between signed and unsigned types, leading to a heap-based buffer overflow.

Action-Not Available
Vendor-n/aLibTIFF
Product-libtiffn/a
CVE-2020-3783
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-24.98% / 95.95%
||
7 Day CHG~0.00%
Published-25 Mar, 2020 | 20:31
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a heap corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-photoshop_2020windowsphotoshop_ccmacosAdobe Photoshop
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-3801
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-20.74% / 95.38%
||
7 Day CHG~0.00%
Published-25 Mar, 2020 | 17:15
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2020-3789
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-10.06% / 92.78%
||
7 Day CHG~0.00%
Published-25 Mar, 2020 | 20:33
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-photoshop_2020windowsphotoshop_ccmacosAdobe Photoshop
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-3799
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-28.80% / 96.38%
||
7 Day CHG~0.00%
Published-25 Mar, 2020 | 16:00
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a stack-based buffer overflow vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-3786
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-10.06% / 92.78%
||
7 Day CHG~0.00%
Published-25 Mar, 2020 | 20:30
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Photoshop CC 2019 versions 20.0.8 and earlier, and Photoshop 2020 versions 21.1 and earlier have a memory corruption vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-photoshop_2020windowsphotoshop_ccmacosAdobe Photoshop
CWE ID-CWE-787
Out-of-bounds Write
CVE-2020-3793
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-25.38% / 96.00%
||
7 Day CHG~0.00%
Published-25 Mar, 2020 | 15:58
Updated-04 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2020.006.20034 and earlier, 2017.011.30158 and earlier, 2017.011.30158 and earlier, 2015.006.30510 and earlier, and 2015.006.30510 and earlier have a use-after-free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2015-8668
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.8||CRITICAL
EPSS-7.58% / 91.46%
||
7 Day CHG~0.00%
Published-08 Jan, 2016 | 19:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in the PackBitsPreEncode function in tif_packbits.c in bmp2tiff in libtiff 4.0.6 and earlier allows remote attackers to execute arbitrary code or cause a denial of service via a large width field in a BMP image.

Action-Not Available
Vendor-n/aRed Hat, Inc.LibTIFFOracle Corporation
Product-enterprise_linuxenterprise_linux_desktopvm_serverenterprise_linux_workstationlibtifflinuxn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8221
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-5.27% / 89.62%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:26
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8199
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-5.64% / 90.00%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:23
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8213
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-5.27% / 89.62%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:25
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8061
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-30.10% / 96.50%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 20:08
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8036
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-30.10% / 96.50%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:53
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-7965
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-4.06% / 88.07%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:31
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8024
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-35.34% / 96.92%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:47
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8023
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-16.16% / 94.55%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:44
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8041
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-39.72% / 97.21%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:56
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8030
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-30.10% / 96.50%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:51
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8029
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-5.17% / 89.51%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:49
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcmacoswindowsacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8025
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-5.17% / 89.51%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:47
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8197
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-39.72% / 97.21%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:23
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8098
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-4.06% / 88.07%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 20:24
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8071
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-0.65% / 69.88%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 18:03
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Download Manager versions 2.0.0.363 have an insecure file permissions vulnerability. Successful exploitation could lead to privilege escalation.

Action-Not Available
Vendor-Microsoft CorporationAdobe Inc.
Product-windowsdownload_managerAdobe Download Manager
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-8215
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-5.27% / 89.62%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:25
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8016
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-7.29% / 91.28%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:42
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8167
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-3.18% / 86.44%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:13
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2019-8206
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-3.30% / 86.71%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:24
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8256
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-0.66% / 70.22%
||
7 Day CHG~0.00%
Published-19 Dec, 2019 | 19:40
Updated-04 Aug, 2024 | 21:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ColdFusion versions Update 6 and earlier have an insecure inherited permissions of default installation directory vulnerability. Successful exploitation could lead to privilege escalation.

Action-Not Available
Vendor-Adobe Inc.
Product-coldfusionColdFusion
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2019-8028
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-30.10% / 96.50%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:51
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8042
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-39.72% / 97.21%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:56
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8009
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-4.06% / 88.07%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:39
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8161
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-3.18% / 86.44%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:11
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2019-8214
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-5.27% / 89.62%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:25
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8022
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-16.16% / 94.55%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:46
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8088
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-12.68% / 93.72%
||
7 Day CHG~0.00%
Published-25 Oct, 2019 | 15:21
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Experience Manager versions 6.5, 6.4, 6.3 and 6.2 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution.

Action-Not Available
Vendor-Adobe Inc.
Product-experience_managerAdobe Experience Manager
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2019-8003
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-30.10% / 96.50%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:33
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8055
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-30.10% / 96.50%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 20:05
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8047
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-5.17% / 89.51%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:58
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8220
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-5.27% / 89.62%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:26
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions, 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8211
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-5.27% / 89.62%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:25
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8015
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-33.24% / 96.76%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:43
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8100
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-4.06% / 88.07%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 20:26
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an out-of-bounds write vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8046
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-39.72% / 97.21%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:59
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a heap overflow vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-787
Out-of-bounds Write
CVE-2019-8026
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-30.10% / 96.50%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:50
Updated-04 Aug, 2024 | 21:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8236
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-0.80% / 73.04%
||
7 Day CHG~0.00%
Published-23 Oct, 2019 | 20:46
Updated-04 Aug, 2024 | 21:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Creative Cloud Desktop Application version 4.6.1 and earlier versions have Security Bypass vulnerability. Successful exploitation could lead to Privilege Escalation in the context of the current user.

Action-Not Available
Vendor-n/aApple Inc.Microsoft CorporationAdobe Inc.
Product-windowscreative_cloudmacosAdobe Creative Cloud Desktop application
CVE-2019-8044
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-37.21% / 97.05%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:57
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have a double free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-415
Double Free
CVE-2019-8031
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-30.10% / 96.50%
||
7 Day CHG~0.00%
Published-20 Aug, 2019 | 19:52
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8257
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-20.74% / 95.38%
||
7 Day CHG~0.00%
Published-27 Jan, 2020 | 23:12
Updated-04 Aug, 2024 | 21:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017.011.30142 and earlier, 2017.011.30143 and earlier, 2015.006.30497 and earlier, and 2015.006.30498 and earlier have an use after free vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-416
Use After Free
CVE-2019-8169
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.8||CRITICAL
EPSS-3.18% / 86.44%
||
7 Day CHG~0.00%
Published-17 Oct, 2019 | 20:15
Updated-04 Aug, 2024 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Acrobat and Reader versions , 2019.012.20040 and earlier, 2017.011.30148 and earlier, 2017.011.30148 and earlier, 2015.006.30503 and earlier, and 2015.006.30503 and earlier have a type confusion vulnerability. Successful exploitation could lead to arbitrary code execution .

Action-Not Available
Vendor-Apple Inc.Microsoft CorporationAdobe Inc.
Product-acrobat_dcwindowsmacosacrobat_reader_dcAdobe Acrobat and Reader
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 51
  • 52
  • Next
Details not found