Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2007-0071

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-09 Apr, 2008 | 21:00
Updated At-07 Aug, 2024 | 12:03
Rejected At-
Credits

Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset of a NULL pointer, and triggers a buffer overflow.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:09 Apr, 2008 | 21:00
Updated At:07 Aug, 2024 | 12:03
Rejected At:
▼CVE Numbering Authority (CNA)

Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset of a NULL pointer, and triggers a buffer overflow.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securitytracker.com/id?1020114
vdb-entry
x_refsource_SECTRACK
http://secunia.com/advisories/29865
third-party-advisory
x_refsource_SECUNIA
http://documents.iss.net/whitepapers/IBM_X-Force_WP_final.pdf
x_refsource_MISC
http://secunia.com/advisories/30507
third-party-advisory
x_refsource_SECUNIA
http://www.securityfocus.com/bid/29386
vdb-entry
x_refsource_BID
http://www.us-cert.gov/cas/techalerts/TA08-149A.html
third-party-advisory
x_refsource_CERT
http://www.adobe.com/support/security/bulletins/apsb08-11.html
x_refsource_CONFIRM
http://www.vupen.com/english/advisories/2008/1724/references
vdb-entry
x_refsource_VUPEN
http://www.matasano.com/log/1032/this-new-vulnerability-dowds-inhuman-flash-exploit/
x_refsource_MISC
http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue.html
x_refsource_MISC
http://www.redhat.com/support/errata/RHSA-2008-0221.html
vendor-advisory
x_refsource_REDHAT
http://www.us-cert.gov/cas/techalerts/TA08-150A.html
third-party-advisory
x_refsource_CERT
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10379
vdb-entry
signature
x_refsource_OVAL
http://www.zerodayinitiative.com/advisories/ZDI-08-032/
x_refsource_MISC
http://www.vupen.com/english/advisories/2008/1662/references
vdb-entry
x_refsource_VUPEN
http://www.osvdb.org/44282
vdb-entry
x_refsource_OSVDB
http://isc.sans.org/diary.html?storyid=4465
x_refsource_MISC
http://secunia.com/advisories/30430
third-party-advisory
x_refsource_SECUNIA
http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
vendor-advisory
x_refsource_APPLE
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html
vendor-advisory
x_refsource_SUSE
http://www.securityfocus.com/bid/28695
vdb-entry
x_refsource_BID
http://secunia.com/advisories/29763
third-party-advisory
x_refsource_SECUNIA
http://www.securitytracker.com/id?1019811
vdb-entry
x_refsource_SECTRACK
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
vendor-advisory
x_refsource_SUNALERT
http://www.gentoo.org/security/en/glsa/glsa-200804-21.xml
vendor-advisory
x_refsource_GENTOO
https://exchange.xforce.ibmcloud.com/vulnerabilities/37277
vdb-entry
x_refsource_XF
http://www.vupen.com/english/advisories/2008/1697
vdb-entry
x_refsource_VUPEN
http://www.kb.cert.org/vuls/id/159523
third-party-advisory
x_refsource_CERT-VN
http://www.us-cert.gov/cas/techalerts/TA08-100A.html
third-party-advisory
x_refsource_CERT
http://www.kb.cert.org/vuls/id/395473
third-party-advisory
x_refsource_CERT-VN
http://www.iss.net/threats/289.html
third-party-advisory
x_refsource_ISS
http://secunia.com/advisories/30404
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securitytracker.com/id?1020114
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://secunia.com/advisories/29865
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://documents.iss.net/whitepapers/IBM_X-Force_WP_final.pdf
Resource:
x_refsource_MISC
Hyperlink: http://secunia.com/advisories/30507
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securityfocus.com/bid/29386
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-149A.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb08-11.html
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.vupen.com/english/advisories/2008/1724/references
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.matasano.com/log/1032/this-new-vulnerability-dowds-inhuman-flash-exploit/
Resource:
x_refsource_MISC
Hyperlink: http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue.html
Resource:
x_refsource_MISC
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0221.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-150A.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10379
Resource:
vdb-entry
signature
x_refsource_OVAL
Hyperlink: http://www.zerodayinitiative.com/advisories/ZDI-08-032/
Resource:
x_refsource_MISC
Hyperlink: http://www.vupen.com/english/advisories/2008/1662/references
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.osvdb.org/44282
Resource:
vdb-entry
x_refsource_OSVDB
Hyperlink: http://isc.sans.org/diary.html?storyid=4465
Resource:
x_refsource_MISC
Hyperlink: http://secunia.com/advisories/30430
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
Resource:
vendor-advisory
x_refsource_APPLE
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.securityfocus.com/bid/28695
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://secunia.com/advisories/29763
Resource:
third-party-advisory
x_refsource_SECUNIA
Hyperlink: http://www.securitytracker.com/id?1019811
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
Resource:
vendor-advisory
x_refsource_SUNALERT
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200804-21.xml
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/37277
Resource:
vdb-entry
x_refsource_XF
Hyperlink: http://www.vupen.com/english/advisories/2008/1697
Resource:
vdb-entry
x_refsource_VUPEN
Hyperlink: http://www.kb.cert.org/vuls/id/159523
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-100A.html
Resource:
third-party-advisory
x_refsource_CERT
Hyperlink: http://www.kb.cert.org/vuls/id/395473
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://www.iss.net/threats/289.html
Resource:
third-party-advisory
x_refsource_ISS
Hyperlink: http://secunia.com/advisories/30404
Resource:
third-party-advisory
x_refsource_SECUNIA
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.securitytracker.com/id?1020114
vdb-entry
x_refsource_SECTRACK
x_transferred
http://secunia.com/advisories/29865
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://documents.iss.net/whitepapers/IBM_X-Force_WP_final.pdf
x_refsource_MISC
x_transferred
http://secunia.com/advisories/30507
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securityfocus.com/bid/29386
vdb-entry
x_refsource_BID
x_transferred
http://www.us-cert.gov/cas/techalerts/TA08-149A.html
third-party-advisory
x_refsource_CERT
x_transferred
http://www.adobe.com/support/security/bulletins/apsb08-11.html
x_refsource_CONFIRM
x_transferred
http://www.vupen.com/english/advisories/2008/1724/references
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.matasano.com/log/1032/this-new-vulnerability-dowds-inhuman-flash-exploit/
x_refsource_MISC
x_transferred
http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue.html
x_refsource_MISC
x_transferred
http://www.redhat.com/support/errata/RHSA-2008-0221.html
vendor-advisory
x_refsource_REDHAT
x_transferred
http://www.us-cert.gov/cas/techalerts/TA08-150A.html
third-party-advisory
x_refsource_CERT
x_transferred
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10379
vdb-entry
signature
x_refsource_OVAL
x_transferred
http://www.zerodayinitiative.com/advisories/ZDI-08-032/
x_refsource_MISC
x_transferred
http://www.vupen.com/english/advisories/2008/1662/references
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.osvdb.org/44282
vdb-entry
x_refsource_OSVDB
x_transferred
http://isc.sans.org/diary.html?storyid=4465
x_refsource_MISC
x_transferred
http://secunia.com/advisories/30430
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
vendor-advisory
x_refsource_APPLE
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.securityfocus.com/bid/28695
vdb-entry
x_refsource_BID
x_transferred
http://secunia.com/advisories/29763
third-party-advisory
x_refsource_SECUNIA
x_transferred
http://www.securitytracker.com/id?1019811
vdb-entry
x_refsource_SECTRACK
x_transferred
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
vendor-advisory
x_refsource_SUNALERT
x_transferred
http://www.gentoo.org/security/en/glsa/glsa-200804-21.xml
vendor-advisory
x_refsource_GENTOO
x_transferred
https://exchange.xforce.ibmcloud.com/vulnerabilities/37277
vdb-entry
x_refsource_XF
x_transferred
http://www.vupen.com/english/advisories/2008/1697
vdb-entry
x_refsource_VUPEN
x_transferred
http://www.kb.cert.org/vuls/id/159523
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.us-cert.gov/cas/techalerts/TA08-100A.html
third-party-advisory
x_refsource_CERT
x_transferred
http://www.kb.cert.org/vuls/id/395473
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://www.iss.net/threats/289.html
third-party-advisory
x_refsource_ISS
x_transferred
http://secunia.com/advisories/30404
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securitytracker.com/id?1020114
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://secunia.com/advisories/29865
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://documents.iss.net/whitepapers/IBM_X-Force_WP_final.pdf
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://secunia.com/advisories/30507
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securityfocus.com/bid/29386
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-149A.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb08-11.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2008/1724/references
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.matasano.com/log/1032/this-new-vulnerability-dowds-inhuman-flash-exploit/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0221.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-150A.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10379
Resource:
vdb-entry
signature
x_refsource_OVAL
x_transferred
Hyperlink: http://www.zerodayinitiative.com/advisories/ZDI-08-032/
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2008/1662/references
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.osvdb.org/44282
Resource:
vdb-entry
x_refsource_OSVDB
x_transferred
Hyperlink: http://isc.sans.org/diary.html?storyid=4465
Resource:
x_refsource_MISC
x_transferred
Hyperlink: http://secunia.com/advisories/30430
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
Resource:
vendor-advisory
x_refsource_APPLE
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.securityfocus.com/bid/28695
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://secunia.com/advisories/29763
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Hyperlink: http://www.securitytracker.com/id?1019811
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
Resource:
vendor-advisory
x_refsource_SUNALERT
x_transferred
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200804-21.xml
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/37277
Resource:
vdb-entry
x_refsource_XF
x_transferred
Hyperlink: http://www.vupen.com/english/advisories/2008/1697
Resource:
vdb-entry
x_refsource_VUPEN
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/159523
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-100A.html
Resource:
third-party-advisory
x_refsource_CERT
x_transferred
Hyperlink: http://www.kb.cert.org/vuls/id/395473
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://www.iss.net/threats/289.html
Resource:
third-party-advisory
x_refsource_ISS
x_transferred
Hyperlink: http://secunia.com/advisories/30404
Resource:
third-party-advisory
x_refsource_SECUNIA
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:09 Apr, 2008 | 21:05
Updated At:30 Oct, 2018 | 16:26

Integer overflow in Adobe Flash Player 9.0.115.0 and earlier, and 8.0.39.0 and earlier, allows remote attackers to execute arbitrary code via a crafted SWF file with a negative Scene Count value, which passes a signed comparison, is used as an offset of a NULL pointer, and triggers a buffer overflow.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary2.09.3HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
Type: Primary
Version: 2.0
Base score: 9.3
Base severity: HIGH
Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C
CPE Matches
Adobe Inc.
adobe
>>flash_player>>Versions from 8.0(inclusive) to 8.0.39.0(inclusive)
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
Adobe Inc.
adobe
>>flash_player>>Versions from 9.0(inclusive) to 9.0.115.0(inclusive)
cpe:2.3:a:adobe:flash_player:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-189Primarynvd@nist.gov
CWE ID: CWE-189
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue.htmlcve@mitre.org
Vendor Advisory
http://documents.iss.net/whitepapers/IBM_X-Force_WP_final.pdfcve@mitre.org
Broken Link
http://isc.sans.org/diary.html?storyid=4465cve@mitre.org
Third Party Advisory
http://lists.apple.com/archives/security-announce/2008//May/msg00001.htmlcve@mitre.org
Mailing List
http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.htmlcve@mitre.org
Third Party Advisory
http://secunia.com/advisories/29763cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/29865cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/30404cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/30430cve@mitre.org
Third Party Advisory
http://secunia.com/advisories/30507cve@mitre.org
Third Party Advisory
http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1cve@mitre.org
Broken Link
http://www.adobe.com/support/security/bulletins/apsb08-11.htmlcve@mitre.org
Vendor Advisory
http://www.gentoo.org/security/en/glsa/glsa-200804-21.xmlcve@mitre.org
Third Party Advisory
http://www.iss.net/threats/289.htmlcve@mitre.org
Broken Link
http://www.kb.cert.org/vuls/id/159523cve@mitre.org
Third Party Advisory
US Government Resource
http://www.kb.cert.org/vuls/id/395473cve@mitre.org
Third Party Advisory
US Government Resource
http://www.matasano.com/log/1032/this-new-vulnerability-dowds-inhuman-flash-exploit/cve@mitre.org
Third Party Advisory
http://www.osvdb.org/44282cve@mitre.org
Broken Link
http://www.redhat.com/support/errata/RHSA-2008-0221.htmlcve@mitre.org
Third Party Advisory
http://www.securityfocus.com/bid/28695cve@mitre.org
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/29386cve@mitre.org
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1019811cve@mitre.org
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1020114cve@mitre.org
Third Party Advisory
VDB Entry
http://www.us-cert.gov/cas/techalerts/TA08-100A.htmlcve@mitre.org
Third Party Advisory
US Government Resource
http://www.us-cert.gov/cas/techalerts/TA08-149A.htmlcve@mitre.org
Third Party Advisory
US Government Resource
http://www.us-cert.gov/cas/techalerts/TA08-150A.htmlcve@mitre.org
Third Party Advisory
US Government Resource
http://www.vupen.com/english/advisories/2008/1662/referencescve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2008/1697cve@mitre.org
Third Party Advisory
http://www.vupen.com/english/advisories/2008/1724/referencescve@mitre.org
Third Party Advisory
http://www.zerodayinitiative.com/advisories/ZDI-08-032/cve@mitre.org
Third Party Advisory
VDB Entry
https://exchange.xforce.ibmcloud.com/vulnerabilities/37277cve@mitre.org
Third Party Advisory
VDB Entry
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10379cve@mitre.org
Third Party Advisory
Hyperlink: http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue.html
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://documents.iss.net/whitepapers/IBM_X-Force_WP_final.pdf
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://isc.sans.org/diary.html?storyid=4465
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://lists.apple.com/archives/security-announce/2008//May/msg00001.html
Source: cve@mitre.org
Resource:
Mailing List
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00006.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/29763
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/29865
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/30404
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/30430
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://secunia.com/advisories/30507
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://sunsolve.sun.com/search/document.do?assetkey=1-26-238305-1
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.adobe.com/support/security/bulletins/apsb08-11.html
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://www.gentoo.org/security/en/glsa/glsa-200804-21.xml
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.iss.net/threats/289.html
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.kb.cert.org/vuls/id/159523
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.kb.cert.org/vuls/id/395473
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.matasano.com/log/1032/this-new-vulnerability-dowds-inhuman-flash-exploit/
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.osvdb.org/44282
Source: cve@mitre.org
Resource:
Broken Link
Hyperlink: http://www.redhat.com/support/errata/RHSA-2008-0221.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.securityfocus.com/bid/28695
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securityfocus.com/bid/29386
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id?1019811
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id?1020114
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-100A.html
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-149A.html
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.us-cert.gov/cas/techalerts/TA08-150A.html
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://www.vupen.com/english/advisories/2008/1662/references
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2008/1697
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.vupen.com/english/advisories/2008/1724/references
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.zerodayinitiative.com/advisories/ZDI-08-032/
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://exchange.xforce.ibmcloud.com/vulnerabilities/37277
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10379
Source: cve@mitre.org
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

1436Records found
CVE-2011-2433
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-10.62% / 92.99%
||
7 Day CHG~0.00%
Published-15 Sep, 2011 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2434 and CVE-2011-2437.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-acrobat_readeracrobatn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-2440
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-7.62% / 91.49%
||
7 Day CHG~0.00%
Published-15 Sep, 2011 | 10:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use-after-free vulnerability in Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allows attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-acrobat_readeracrobatn/a
CVE-2011-2099
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-9.91% / 92.71%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2098.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-2210
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-3.52% / 87.16%
||
7 Day CHG~0.00%
Published-30 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2211, and CVE-2010-2212.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-2097
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-12.00% / 93.51%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2094 and CVE-2011-2095.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-2121
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-9.53% / 92.53%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CVE-2010-2181
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.21% / 83.80%
||
7 Day CHG~0.00%
Published-15 Jun, 2010 | 17:48
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2170 and CVE-2010-2183.

Action-Not Available
Vendor-n/aAdobe Inc.Macromedia, Inc.
Product-airflash_playern/a
CVE-2010-2161
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-0.67% / 70.36%
||
7 Day CHG~0.00%
Published-15 Jun, 2010 | 17:48
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Array index error in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified "types of Adobe Flash code."

Action-Not Available
Vendor-n/aAdobe Inc.Macromedia, Inc.
Product-airflash_playern/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2011-2109
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-21.95% / 95.55%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple integer overflows in Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allow attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CVE-2011-2117
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-3.63% / 87.37%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-2114, CVE-2011-2124, CVE-2011-2127, and CVE-2011-2128.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-2106
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-11.89% / 93.48%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

Action-Not Available
Vendor-n/aAdobe Inc.Apple Inc.
Product-acrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-2115
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-8.05% / 91.76%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

IML32.dll in Adobe Shockwave Player before 11.6.0.626 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted tSAC chunk, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-2111 and CVE-2011-2116.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-2101
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-16.27% / 94.57%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X do not properly restrict script, which allows attackers to execute arbitrary code via a crafted document, related to a "cross document script execution vulnerability."

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2010-2182
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-1.22% / 78.23%
||
7 Day CHG~0.00%
Published-15 Jun, 2010 | 17:48
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2171, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.

Action-Not Available
Vendor-n/aAdobe Inc.Macromedia, Inc.
Product-airflash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-2174
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-1.22% / 78.23%
||
7 Day CHG~0.00%
Published-15 Jun, 2010 | 17:48
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors, related to an "invalid pointer vulnerability" and the newfunction (0x44) operator, a different vulnerability than CVE-2010-2173.

Action-Not Available
Vendor-n/aAdobe Inc.Macromedia, Inc.
Product-airflash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-2212
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-10.47% / 92.94%
||
7 Day CHG~0.00%
Published-30 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PDF file containing Flash content with a crafted #1023 (3FFh) tag, a different vulnerability than CVE-2010-1295, CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, and CVE-2010-2211.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-2171
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-0.90% / 74.68%
||
7 Day CHG~0.00%
Published-15 Jun, 2010 | 17:48
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via vectors related to SWF files, decompression of embedded JPEG image data, and the DefineBits and other unspecified tags, a different vulnerability than CVE-2010-2160, CVE-2010-2165, CVE-2010-2166, CVE-2010-2175, CVE-2010-2176, CVE-2010-2177, CVE-2010-2178, CVE-2010-2180, CVE-2010-2182, CVE-2010-2184, CVE-2010-2187, and CVE-2010-2188.

Action-Not Available
Vendor-n/aAdobe Inc.Macromedia, Inc.
Product-airflash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0585
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-1.73% / 81.68%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0565.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CVE-2010-2185
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-1.09% / 77.05%
||
7 Day CHG~0.00%
Published-15 Jun, 2010 | 17:48
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aAdobe Inc.Macromedia, Inc.
Product-airflash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0560
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-12.48% / 93.66%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0594
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-9.93% / 92.72%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a font.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-0559
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-5.26% / 89.60%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted parameters to an unspecified ActionScript method that cause a parameter to be used as an object pointer, a different vulnerability than CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0320
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-1.53% / 80.58%
||
7 Day CHG~0.00%
Published-16 Jun, 2011 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Dirapi.dll in Adobe Shockwave Player before 11.6.0.626 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0317, CVE-2011-0318, CVE-2011-0319, CVE-2011-0335, CVE-2011-2119, and CVE-2011-2122.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1279
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-7.46% / 91.38%
||
7 Day CHG~0.00%
Published-04 May, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in Adobe Photoshop CS4 11.x before 11.0.1 allow user-assisted remote attackers to execute arbitrary code via a crafted TIFF file.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-photoshop_cs4n/a
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')
CVE-2010-1280
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-37.16% / 97.04%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file, related to (1) an erroneous dereference and (2) a certain Shock.dir file.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsshockwave_playermacosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2010-1295
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-12.52% / 93.67%
||
7 Day CHG~0.00%
Published-30 Jun, 2010 | 18:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0592
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-4.42% / 88.58%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, related to "Texture bmp," a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0593, CVE-2011-0595, and CVE-2011-0600.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-0986
Matching Score-8
Assigner-Flexera Software LLC
ShareView Details
Matching Score-8
Assigner-Flexera Software LLC
CVSS Score-8.8||HIGH
EPSS-9.79% / 92.65%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.7.609 does not properly process asset entries, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted Shockwave file.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsshockwave_playermacosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-0571
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.57% / 84.96%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0593
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-4.42% / 88.58%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a crafted Universal 3D (U3D) file that triggers a buffer overflow during decompression, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0595, and CVE-2011-0600.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-0987
Matching Score-8
Assigner-Flexera Software LLC
ShareView Details
Matching Score-8
Assigner-Flexera Software LLC
CVSS Score-8.8||HIGH
EPSS-11.73% / 93.43%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Heap-based buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers to execute arbitrary code via crafted embedded fonts in a Shockwave file.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsshockwave_playermacosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-0563
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-5.80% / 90.16%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0589 and CVE-2011-0606.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0556
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-4.33% / 88.46%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Font Xtra.x32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PFR1 chunk that leads to an unexpected sign extension and an invalid pointer dereference, a different vulnerability than CVE-2011-0569.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-shockwave_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0572
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.57% / 84.96%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0561, CVE-2011-0571, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0598
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-12.68% / 93.72%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in ACE.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows remote attackers to execute arbitrary code via crafted ICC data, a different vulnerability than CVE-2011-0596, CVE-2011-0599, and CVE-2011-0602.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CVE-2011-0618
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-6.13% / 90.43%
||
7 Day CHG~0.00%
Published-13 May, 2011 | 22:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Integer overflow in Adobe Flash Player before 10.3.181.14 on Windows, Mac OS X, Linux, and Solaris and before 10.3.185.21 on Android allows attackers to execute arbitrary code via unspecified vectors.

Action-Not Available
Vendor-n/aMicrosoft CorporationLinux Kernel Organization, IncGoogle LLCOracle CorporationApple Inc.Adobe Inc.
Product-linux_kernelwindowssolarisandroidflash_playermac_os_xn/a
CVE-2011-0565
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-6.78% / 90.93%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allows attackers to cause a denial of service or possibly execute arbitrary code via unknown vectors, a different vulnerability than CVE-2011-0585.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CVE-2010-1290
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.09% / 83.33%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, and CVE-2010-1291.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsshockwave_playermacosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1283
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-8.8||HIGH
EPSS-8.61% / 92.05%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.7.609 does not properly parse 3D objects in .dir (aka Director) files, which allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a modified field in a 0xFFFFFF49 record.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsshockwave_playermacosn/a
CWE ID-CWE-787
Out-of-bounds Write
CVE-2011-0600
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-4.56% / 88.75%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The U3D component in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via a 3D file with an invalid Parent Node count that triggers an incorrect size calculation and memory corruption, a different vulnerability than CVE-2011-0590, CVE-2011-0591, CVE-2011-0592, CVE-2011-0593, and CVE-2011-0595.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2010-1284
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.55% / 84.90%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowswindows_7shockwave_playerwindows_server_2008windows_server_2003windows_vistamacosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-0379
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-9.3||HIGH
EPSS-8.15% / 91.82%
||
7 Day CHG~0.00%
Published-21 Jan, 2010 | 23:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Multiple unspecified vulnerabilities in the Macromedia Flash ActiveX control in Adobe Flash Player 6, as distributed in Microsoft Windows XP SP2 and SP3, might allow remote attackers to execute arbitrary code via unspecified vectors that are not related to the use-after-free "Movie Unloading Vulnerability" (CVE-2010-0378). NOTE: due to lack of details, it is not clear whether this overlaps any other CVE item.

Action-Not Available
Vendor-n/aAdobe Inc.Microsoft Corporation
Product-windows_xpflash_playern/a
CVE-2010-1278
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-13.93% / 94.06%
||
7 Day CHG~0.00%
Published-22 Apr, 2010 | 14:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in the Atlcom.get_atlcom ActiveX control in gp.ocx in Adobe Download Manager, as used in Adobe Reader and Acrobat 8.x before 8.2 and 9.x before 9.3, allows remote attackers to execute arbitrary code via unspecified parameters.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-readeracrobatn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1292
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-5.85% / 90.20%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The implementation of pami RIFF chunk parsing in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowswindows_7shockwave_playerwindows_server_2008windows_server_2003windows_vistamacosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0614
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-31.65% / 96.64%
||
7 Day CHG~0.00%
Published-16 May, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Buffer overflow in Adobe Audition 3.0.1 and earlier allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted Audition Session (aka .ses) file.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-auditionn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0596
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-11.48% / 93.33%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The Bitmap parsing component in 2d.dll in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow remote attackers to execute arbitrary code via an image with crafted (1) height and (2) width values for an RLE_8 compressed bitmap, which triggers a heap-based buffer overflow, a different vulnerability than CVE-2011-0598, CVE-2011-0599, and CVE-2011-0602.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2011-0577
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-9.83% / 92.67%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unspecified vulnerability in Adobe Flash Player before 10.2.152.26 allows remote attackers to execute arbitrary code via a crafted font.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CVE-2011-0589
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-2.66% / 85.18%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 17:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0563 and CVE-2011-0606.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowsacrobat_readeracrobatmac_os_xn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2011-0561
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-12.48% / 93.66%
||
7 Day CHG~0.00%
Published-10 Feb, 2011 | 15:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Flash Player before 10.2.152.26 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2011-0559, CVE-2011-0560, CVE-2011-0571, CVE-2011-0572, CVE-2011-0573, CVE-2011-0574, CVE-2011-0578, CVE-2011-0607, and CVE-2011-0608.

Action-Not Available
Vendor-n/aAdobe Inc.
Product-flash_playern/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2010-1286
Matching Score-8
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-8
Assigner-Adobe Systems Incorporated
CVSS Score-9.3||HIGH
EPSS-4.40% / 88.55%
||
7 Day CHG~0.00%
Published-13 May, 2010 | 21:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1287, CVE-2010-1289, CVE-2010-1290, and CVE-2010-1291.

Action-Not Available
Vendor-n/aMicrosoft CorporationApple Inc.Adobe Inc.
Product-windowswindows_7shockwave_playerwindows_server_2008windows_server_2003windows_vistamacosn/a
CWE ID-CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer
  • Previous
  • 1
  • 2
  • 3
  • 4
  • ...
  • 28
  • 29
  • Next
Details not found