Adobe Acrobat Reader vulnerabilities

CVE-2003-0142 [MEDIUM] CVE-2003-0142: Adobe Acrobat Reader (acroread) 6, under certain circumstances when running with the "Certified plug Adobe Acrobat Reader (acroread) 6, under certain circumstances when running with the "Certified plug-ins only" option disabled, loads plug-ins with signatures used for older versions of Acrobat, which can allow attackers to cause Acrobat to enter Certified mode and run untrusted plugins by modifying the CTIsCertifiedMode function.

CVE-2003-0508 [HIGH] CVE-2003-0508: Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earli Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earlier allows remote attackers to execute arbitrary code via a .pdf file with a long mailto link.

CVE-2002-0030 [MEDIUM] CVE-2002-0030: The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of exec The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe.

CVE-2002-1764 [LOW] CVE-2002-1764: acroread in Adobe Acrobat Reader 4.05 on Linux allows local users to overwrite arbitrary files via a acroread in Adobe Acrobat Reader 4.05 on Linux allows local users to overwrite arbitrary files via a symlink attack on temporary files.

CVE-2001-1069 [HIGH] CVE-2001-1069: libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior.

CVE-2000-0713 [HIGH] CVE-2000-0713: Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fill In products that handle PDF Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fill In products that handle PDF files allows attackers to execute arbitrary commands via a long /Registry or /Ordering specifier.

CVE-1999-1576 [HIGH] CVE-1999-1576: Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, PDF.PdfCtrl.1) 1.3.188 for Acrobat Reader Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, PDF.PdfCtrl.1) 1.3.188 for Acrobat Reader 4.0 allows remote attackers to execute arbitrary code via the pdf.setview method.