Adobe Acrobat Reader vulnerabilities
1,107 known vulnerabilities affecting adobe/acrobat_reader.
Total CVEs
1,107
CISA KEV
21
actively exploited
Public exploits
43
Exploited in wild
25
Severity breakdown
CRITICAL352HIGH412MEDIUM316LOW27
Vulnerabilities
Page 52 of 56
CVE-2009-2998CRITICALCVSS 9.3≤ 9.1.3v7.0+24 more2009-10-19
CVE-2009-2998 [CRITICAL] CWE-20 CVE-2009-2998: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly vali
Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-3458.
nvd
CVE-2009-3458CRITICALCVSS 9.3≤ 9.1.3v7.0+24 more2009-10-19
CVE-2009-3458 [CRITICAL] CVE-2009-3458: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly vali
Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2998.
nvd
CVE-2009-2979MEDIUMCVSS 4.3≤ 9.1.3v7.0+24 more2009-10-19
CVE-2009-2979 [MEDIUM] CVE-2009-2979: Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 do not pro
Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 do not properly perform XMP-XML entity expansion, which allows remote attackers to cause a denial of service via a crafted document.
nvd
CVE-2009-3462MEDIUMCVSS 5.1≤ 9.1.3v7.0+24 more2009-10-19
CVE-2009-3462 [MEDIUM] CVE-2009-3462: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug
Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Unix, when Debug mode is enabled, allow attackers to execute arbitrary code via unspecified vectors, related to a "format bug."
nvd
CVE-2009-2987MEDIUMCVSS 4.3≤ 9.1.3v7.0+24 more2009-10-19
CVE-2009-2987 [MEDIUM] CVE-2009-2987: Unspecified vulnerability in an ActiveX control in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x be
Unspecified vulnerability in an ActiveX control in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 on Windows allows remote attackers to cause a denial of service via unknown vectors.
nvd
CVE-2009-2988MEDIUMCVSS 4.3v7.0v7.0.1+24 more2009-10-19
CVE-2009-2988 [MEDIUM] CWE-20 CVE-2009-2988: Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly vali
Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which allows attackers to cause a denial of service via unspecified vectors.
nvd
CVE-2009-2992MEDIUMCVSS 4.3≤ 9.1.3v7.0+24 more2009-10-19
CVE-2009-2992 [MEDIUM] CWE-20 CVE-2009-2992: An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and pos
An unspecified ActiveX control in Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 does not properly validate input, which allows attackers to cause a denial of service via unknown vectors.
nvd
CVE-2009-3459CRITICALCVSS 9.3ExploitedPoC≤ 9.02009-10-13
CVE-2009-3459 [CRITICAL] CWE-119 CVE-2009-3459: Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x b
Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information.
nvd
CVE-2009-3431MEDIUMCVSS 5.0PoCv7.0v7.0.1+22 more2009-09-25
CVE-2009-3431 [MEDIUM] CWE-119 CVE-2009-3431: Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1.2, 9.1.1, and earlier 9.x ver
Stack consumption vulnerability in Adobe Reader and Acrobat 9.1.3, 9.1.2, 9.1.1, and earlier 9.x versions; 8.1.6 and earlier 8.x versions; and possibly 7.1.4 and earlier 7.x versions allows remote attackers to cause a denial of service (application crash) via a PDF file with a large number of [ (open square bracket) characters in the argument to the a
nvd
CVE-2009-1862HIGHCVSS 7.8KEV≥ 9.0, ≤ 9.1.22009-07-23
CVE-2009-1862 [HIGH] CWE-787 CVE-2009-1862: Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x
Unspecified vulnerability in Adobe Reader and Acrobat 9.x through 9.1.2, and Adobe Flash Player 9.x through 9.0.159.0 and 10.x through 10.0.22.87, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via (1) a crafted Flash application in a .pdf file or (2) a crafted .swf file, related to authplay.dll, as exp
nvd
CVE-2009-2564HIGHCVSS 7.2PoCv9.0v9.12009-07-21
CVE-2009-2564 [HIGH] CWE-264 CVE-2009-2564: NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versi
NOS Microsystems getPlus Download Manager, as used in Adobe Reader 1.6.2.36 and possibly other versions, Corel getPlus Download Manager before 1.5.0.48, and possibly other products, installs NOS\bin\getPlus_HelperSvc.exe with insecure permissions (Everyone:Full Control), which allows local users to gain SYSTEM privileges by replacing getPlus_HelperSvc.e
nvd
CVE-2009-1857CRITICALCVSS 9.3v7.0v7.0.1+20 more2009-06-11
CVE-2009-1857 [CRITICAL] CWE-399 CVE-2009-1857: Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Read
Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a PDF document with a crafted TrueType font.
nvd
CVE-2009-1859CRITICALCVSS 9.3v7.0v7.0.1+20 more2009-06-11
CVE-2009-1859 [CRITICAL] CWE-399 CVE-2009-1859: Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Read
Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption.
nvd
CVE-2009-0510CRITICALCVSS 9.3v7.0v7.0.1+20 more2009-06-11
CVE-2009-0510 [CRITICAL] CWE-119 CVE-2009-0510: Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe R
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-0511, CVE-2009-0512, CVE-2009-0888, and CVE-2009-
nvd
CVE-2009-0889CRITICALCVSS 9.3v7.0v7.0.1+20 more2009-06-11
CVE-2009-0889 [CRITICAL] CVE-2009-0889: Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe R
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-0510, CVE-2009-0511, CVE-2009-0512, and CVE-2009-0888.
nvd
CVE-2009-2028CRITICALCVSS 10.0v7.0v7.0.1+20 more2009-06-11
CVE-2009-2028 [CRITICAL] CVE-2009-2028: Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 an
Multiple unspecified vulnerabilities in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 have unknown impact and attack vectors, related to "Adobe internally discovered issues."
nvd
CVE-2009-0512CRITICALCVSS 9.3v7.0v7.0.1+20 more2009-06-11
CVE-2009-0512 [CRITICAL] CVE-2009-0512: Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe R
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-0510, CVE-2009-0511, CVE-2009-0888, and CVE-2009-0889.
nvd
CVE-2009-0509CRITICALCVSS 9.3v7.0v7.0.1+20 more2009-06-11
CVE-2009-0509 [CRITICAL] CWE-119 CVE-2009-0509: Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe R
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows remote attackers to execute arbitrary code via a crafted file that triggers memory corruption.
nvd
CVE-2009-1856CRITICALCVSS 9.3v7.0v7.0.1+20 more2009-06-11
CVE-2009-1856 [CRITICAL] CWE-189 CVE-2009-1856: Integer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8
Integer overflow in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows attackers to cause a denial of service or possibly execute arbitrary code via a PDF file containing unspecified parameters to the FlateDecode filter, which triggers a heap-based buffer overflo
nvd
CVE-2009-0198CRITICALCVSS 9.3v7.0v7.0.1+20 more2009-06-11
CVE-2009-0198 [CRITICAL] CWE-119 CVE-2009-0198: Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe R
Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted PDF file that contains JBIG2 text region segmen
nvd