CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register   Reset Password   Activate Account
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Adobe : Security Vulnerabilities Published In 2006 (Execute Code)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-2006-6236 DoS Exec Code 2006-12-03 2008-09-05
9.3
Admin Remote Medium Not required Complete Complete Complete
Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the (1) src, (2) setPageMode, (3) setLayoutMode, and (4) setNamedDest methods in an AcroPDF ActiveX control, a different set of vectors than CVE-2006-6027.
2 CVE-2006-6027 DoS Exec Code 2006-11-21 2008-09-05
9.3
Admin Remote Medium Not required Complete Complete Complete
Adobe Reader (Adobe Acrobat Reader) 7.0 through 7.0.8 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long argument string to the LoadFile method in an AcroPDF ActiveX control.
3 CVE-2006-5857 399 Exec Code Mem. Corr. 2006-12-31 2010-08-21
9.3
Admin Remote Medium Not required Complete Complete Complete
Adobe Reader and Acrobat 7.0.8 and earlier allows user-assisted remote attackers to execute code via a crafted PDF file that triggers memory corruption and overwrites a subroutine pointer during rendering.
4 CVE-2006-5856 Exec Code Overflow 2006-12-06 2009-01-29
6.8
User Remote Medium Not required Partial Partial Partial
Stack-based buffer overflow in the Adobe Download Manager before 2.2 allows remote attackers to execute arbitrary code via a long section name in the dm.ini file, which is populated via an AOM file.
5 CVE-2006-5549 Exec Code File Inclusion 2006-10-26 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
** DISPUTED ** PHP remote file inclusion vulnerability in libraries/amfphp/amf-core/custom/CachedGateway.php in Adobe PHP SDK allows remote attackers to execute arbitrary PHP code via the AMFPHP_BASE parameter. NOTE: this issue has been disputed by a third-party researcher who states that AMFPHP_BASE is a constant.
6 CVE-2006-3978 Exec Code 2006-10-10 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Unspecified vulnerability in a Verity third party library, as used on Adobe ColdFusion MX 7 through MX 7.0.2 and possibly other products, allows local users to execute arbitrary code via unknown attack vectors.
7 CVE-2006-3587 Exec Code 2006-07-13 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Unspecified vulnerability in Adobe (Macromedia) Flash Player 8.0.24.0 allows remote attackers to execute arbitrary commands via a malformed .swf file that results in "multiple improper memory access" errors.
8 CVE-2006-3453 Exec Code Overflow 2006-07-13 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Buffer overflow in Adobe Acrobat 6.0 to 6.0.4 allows remote attackers to execute arbitrary code via unknown vectors in a document that triggers the overflow when it is distilled to PDF.
9 CVE-2006-3311 Exec Code Overflow 2006-09-12 2008-09-05
5.1
User Remote High Not required Partial Partial Partial
Buffer overflow in Adobe Flash Player 8.0.24.0 and earlier, Flash Professional 8, Flash MX 2004, and Flex 1.5 allows user-assisted remote attackers to execute arbitrary code via a long, dynamically created string in a SWF movie.
10 CVE-2006-1182 Exec Code 2006-03-15 2008-09-10
2.6
None Local High Not required Partial Partial None
Adobe Graphics Server 2.0 and 2.1 (formerly AlterCast) and Adobe Document Server (ADS) 5.0 and 6.0 allows local users to read files with certain extensions or overwrite arbitrary files and execute code via a crafted SOAP request to the AlterCast web service in which the request uses the (1) saveContent or (2) saveOptimized ADS commands, or the (3) loadContent command.
Total number of vulnerabilities : 10   Page : 1 (This Page)
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.