Heap-based buffer overflow in Adobe Reader 11.0.06 allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 24.7% and no vendor patch available.
Use-after-free vulnerability in Adobe Flash Player before 11.7.700.275 and 11.8.x through 13.0.x before 13.0.0.182 on Windows and OS X and before 11.2.202.350 on Linux, Adobe AIR before 13.0.0.83 on. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 19.9% and no vendor patch available.
Heap-based buffer overflow in Adobe Flash Player 12.0.0.77 allows remote attackers to execute arbitrary code and bypass a sandbox protection mechanism via unspecified vectors, as demonstrated by. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 18.9% and no vendor patch available.
Stack-based buffer overflow in Artweaver Plus and Free before 3.1.5 allows remote attackers to execute arbitrary code via a crafted JPG image file. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 18.8%.
Heap-based buffer overflow in PDFCore8.dll in Nuance PDF Reader before 8.1 allows remote attackers to execute arbitrary code via crafted font table directory values in a TTF file, related to naming. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 12.9% and no vendor patch available.
Adobe Reader 11.0.06 allows attackers to bypass a PDF sandbox protection mechanism via unspecified vectors, as demonstrated by VUPEN during a Pwn2Own competition at CanSecWest 2014. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.