Adobe : Security Vulnerabilities (CVSS score between 8 and 8.99)
# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
1 |
CVE-2021-28637 |
125 |
|
|
2021-08-20 |
2021-08-31 |
8.8 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
None |
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an out-of-bounds read vulnerability. An unauthenticated attacker could leverage this vulnerability achieve arbitrary read / write system information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
2 |
CVE-2021-28636 |
427 |
|
Exec Code |
2021-08-20 |
2021-08-31 |
8.5 |
None |
Remote |
Medium |
??? |
Complete |
Complete |
Complete |
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Uncontrolled Search Path Element vulnerability. An attacker with access to the victim's C:/ folder could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
3 |
CVE-2021-28634 |
78 |
|
Exec Code |
2021-08-20 |
2021-08-31 |
8.5 |
None |
Remote |
Medium |
??? |
Complete |
Complete |
Complete |
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by an Improper Neutralization of Special Elements used in an OS Command. An authenticated attacker could leverage this vulnerability to achieve arbitrary code execution on the host machine in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. |
4 |
CVE-2015-0307 |
119 |
|
DoS Overflow +Info |
2015-01-13 |
2017-09-08 |
8.5 |
None |
Remote |
Low |
Not required |
Partial |
None |
Complete |
Adobe Flash Player before 13.0.0.260 and 14.x through 16.x before 16.0.0.257 on Windows and OS X and before 11.2.202.429 on Linux, Adobe AIR before 16.0.0.245 on Windows and OS X and before 16.0.0.272 on Android, Adobe AIR SDK before 16.0.0.272, and Adobe AIR SDK & Compiler before 16.0.0.272 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via unspecified vectors. |
Total number of vulnerabilities :
4
Page :
1
(This Page)