Vulnerabilities (CVE)

Filtered by vendor Adobe Subscribe
Filtered by product Acrobat Reader
Total 1075 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2009-0193 1 Adobe 1 Acrobat Reader 2025-04-09 9.3 HIGH N/A
Heap-based buffer overflow in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a PDF file with a malformed JBIG2 symbol dictionary segment, a different vulnerability than CVE-2009-1061 and CVE-2009-1062.
CVE-2009-3459 1 Adobe 3 Acrobat, Acrobat Reader, Reader 2025-04-09 9.3 HIGH N/A
Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information.
CVE-2008-2549 1 Adobe 1 Acrobat Reader 2025-04-09 4.3 MEDIUM N/A
Adobe Acrobat Reader 8.1.2 and earlier, and before 7.1.1, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a malformed PDF document, as demonstrated by 2008-HI2.pdf.
CVE-2008-4816 2 Adobe, Microsoft 4 Acrobat, Acrobat Reader, Download Manager and 1 more 2025-04-09 4.3 MEDIUM N/A
Unspecified vulnerability in the Download Manager in Adobe Reader 8.1.2 and earlier on Windows allows remote attackers to change Internet Security options on a client machine via unknown vectors.
CVE-2009-0512 1 Adobe 2 Acrobat, Acrobat Reader 2025-04-09 9.3 HIGH N/A
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-0510, CVE-2009-0511, CVE-2009-0888, and CVE-2009-0889.
CVE-2008-4815 2 Adobe, Unix 3 Acrobat, Acrobat Reader, Unix 2025-04-09 7.5 HIGH N/A
Untrusted search path vulnerability in Adobe Reader and Acrobat 8.1.2 and earlier on Unix and Linux allows attackers to gain privileges via a Trojan Horse program in an unspecified directory that is associated with an insecure RPATH.
CVE-2009-2992 1 Adobe 2 Acrobat, Acrobat Reader 2025-04-09 4.3 MEDIUM N/A
An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 does not properly validate input, which allows attackers to cause a denial of service via unknown vectors.
CVE-2008-0883 2 Adobe, Suse 4 Acrobat Reader, Open Suse, Suse Linux and 1 more 2025-04-09 3.7 LOW N/A
acroread in Adobe Acrobat Reader 8.1.2 allows local users to overwrite arbitrary files via a symlink attack on temporary files related to SSL certificate handling.
CVE-2009-2980 1 Adobe 2 Acrobat, Acrobat Reader 2025-04-09 9.3 HIGH N/A
Integer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows attackers to cause a denial of service or possibly execute arbitrary code via unspecified vectors.
CVE-2008-0726 1 Adobe 2 Acrobat, Acrobat Reader 2025-04-09 9.3 HIGH N/A
Integer overflow in Adobe Reader and Acrobat 8.1.1 and earlier allows remote attackers to execute arbitrary code via crafted arguments to the printSepsWithParams, which triggers memory corruption.
CVE-2008-2042 1 Adobe 2 Acrobat, Acrobat Reader 2025-04-09 9.3 HIGH N/A
The Javascript API in Adobe Acrobat Professional 7.0.9 and possibly 8.1.1 exposes a dangerous method, which allows remote attackers to execute arbitrary commands or trigger a buffer overflow via a crafted PDF file that invokes app.checkForUpdate with a malicious callback function.
CVE-2007-1377 4 Adobe, Mozilla, Netscape and 1 more 4 Acrobat Reader, Firefox, Navigator and 1 more 2025-04-09 5.0 MEDIUM N/A
AcroPDF.DLL in Adobe Reader 8.0, when accessed from Mozilla Firefox, Netscape, or Opera, allows remote attackers to cause a denial of service (unspecified resource consumption) via a .pdf URL with an anchor identifier that begins with search= followed by many %n sequences, a different vulnerability than CVE-2006-6027 and CVE-2006-6236.
CVE-2009-0888 1 Adobe 2 Acrobat, Acrobat Reader 2025-04-09 9.3 HIGH N/A
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, and CVE-2009-0889.
CVE-2009-2996 1 Adobe 2 Acrobat, Acrobat Reader 2025-04-09 9.3 HIGH N/A
Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2985.
CVE-2009-2982 1 Adobe 2 Acrobat, Acrobat Reader 2025-04-09 9.3 HIGH N/A
An unspecified certificate in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 might allow remote attackers to conduct a "social engineering attack" via unknown vectors.
CVE-2009-3959 4 Adobe, Apple, Microsoft and 1 more 5 Acrobat, Acrobat Reader, Mac Os X and 2 more 2025-04-09 10.0 HIGH N/A
Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document.
CVE-2007-1199 1 Adobe 1 Acrobat Reader 2025-04-09 4.3 MEDIUM N/A
Adobe Reader and Acrobat Trial allow remote attackers to read arbitrary files via a file:// URI in a PDF document, as demonstrated with <</URI(file:///C:/)/S/URI>>, a different issue than CVE-2007-0045.
CVE-2009-2994 1 Adobe 2 Acrobat, Acrobat Reader 2025-04-09 9.3 HIGH N/A
Buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 might allow attackers to execute arbitrary code via unspecified vectors.
CVE-2009-0928 1 Adobe 2 Acrobat, Acrobat Reader 2025-04-09 10.0 HIGH N/A
Heap-based buffer overflow in Adobe Acrobat Reader and Acrobat Professional 7.1.0, 8.1.3, 9.0.0, and other versions allows remote attackers to execute arbitrary code via a PDF file containing a JBIG2 stream with a size inconsistency related to an unspecified table.
CVE-2009-1597 2 Adobe, Mozilla 2 Acrobat Reader, Firefox 2025-04-09 9.3 HIGH N/A
Mozilla Firefox executes DOM calls in response to a javascript: URI in the target attribute of a submit element within a form contained in an inline PDF file, which might allow remote attackers to bypass intended Adobe Acrobat JavaScript restrictions on accessing the document object, as demonstrated by a web site that permits PDF uploads by untrusted users, and therefore has a shared document.domain between the web site and this javascript: URI. NOTE: the researcher reports that Adobe's position is "a PDF file is active content."