All the vulnerabilites related to Adobe Inc. - Adobe Reader
jvndb-2013-000051
Vulnerability from jvndb
Published
2013-05-31 15:44
Modified
2013-05-31 15:44
Summary
Adobe Reader X vulnerable to sandbox bypass
Details
Adobe Reader X contains a vulnerability which may allow the sandbox to be bypassed.
Yuji Ukai of Fourteenforty Research Institute, Inc. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| ▼ | Type | URL |
|---|---|---|
| JVN | http://jvn.jp/en/jp/JVN24560784/index.html | |
| Related document | http://www.fourteenforty.jp/cgi-bin/advisory/advisory.cgi?type=release&id=FFRRA-20130603 | |
| No Mapping(CWE-Other) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Adobe Inc. | Adobe Reader |
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000051.html",
"dc:date": "2013-05-31T15:44+09:00",
"dcterms:issued": "2013-05-31T15:44+09:00",
"dcterms:modified": "2013-05-31T15:44+09:00",
"description": "Adobe Reader X contains a vulnerability which may allow the sandbox to be bypassed.\r\n\r\nYuji Ukai of Fourteenforty Research Institute, Inc. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2013/JVNDB-2013-000051.html",
"sec:cpe": {
"#text": "cpe:/a:adobe:acrobat_reader",
"@product": "Adobe Reader",
"@vendor": "Adobe Inc.",
"@version": "2.2"
},
"sec:cvss": {
"@score": "2.6",
"@severity": "Low",
"@type": "Base",
"@vector": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2013-000051",
"sec:references": [
{
"#text": "http://jvn.jp/en/jp/JVN24560784/index.html",
"@id": "JVN#24560784",
"@source": "JVN"
},
{
"#text": "http://www.fourteenforty.jp/cgi-bin/advisory/advisory.cgi?type=release\u0026id=FFRRA-20130603",
"@id": "FFRRA-20130603",
"@source": "Related document"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-Other",
"@title": "No Mapping(CWE-Other)"
}
],
"title": "Adobe Reader X vulnerable to sandbox bypass"
}
jvndb-2012-000079
Vulnerability from jvndb
Published
2012-08-30 13:57
Modified
2014-05-23 18:34
Summary
Adobe Reader fails to properly handle signatures
Details
Adobe Reader fails to properly handle RSA signatures.
Adobe Reader contains an issue where it may fail to properly verify RSA signatures.
Masahiko Takenaka of FUJITSU LABORATORIES LTD. reported this vulnerability to IPA.
JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.
References
| ▼ | Type | URL |
|---|---|---|
| JVN | https://jvn.jp/en/jp/JVN51615542/index.html | |
| CVE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339 | |
| NVD | http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4339 | |
| CERT-VN | http://www.kb.cert.org/vuls/id/845620 | |
| Credentials Management(CWE-255) | https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html |
Impacted products
{
"@rdf:about": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000079.html",
"dc:date": "2014-05-23T18:34+09:00",
"dcterms:issued": "2012-08-30T13:57+09:00",
"dcterms:modified": "2014-05-23T18:34+09:00",
"description": "Adobe Reader fails to properly handle RSA signatures.\r\n\r\nAdobe Reader contains an issue where it may fail to properly verify RSA signatures.\r\n\r\nMasahiko Takenaka of FUJITSU LABORATORIES LTD. reported this vulnerability to IPA.\r\nJPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.",
"link": "https://jvndb.jvn.jp/en/contents/2012/JVNDB-2012-000079.html",
"sec:cpe": [
{
"#text": "cpe:/a:adobe:acrobat_reader",
"@product": "Adobe Reader",
"@vendor": "Adobe Inc.",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_application_server_enterprise",
"@product": "Cosminexus Application Server Enterprise",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_application_server_standard",
"@product": "Cosminexus Application Server Standard",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_application_server_version_5",
"@product": "Cosminexus Application Server Version 5",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_developer_light_version_6",
"@product": "Cosminexus Developer Light Version 6",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_developer_professional_version_6",
"@product": "Cosminexus Developer Professional Version 6",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_developer_standard_version_6",
"@product": "Cosminexus Developer Standard Version 6",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_developer_version_5",
"@product": "Cosminexus Developer Version 5",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_server_-_enterprise_edition",
"@product": "Cosminexus Server - Enterprise Edition",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition",
"@product": "Cosminexus Server - Standard Edition",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_server_-_standard_edition_version_4",
"@product": "Cosminexus Server - Standard Edition Version 4",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition",
"@product": "Cosminexus Server - Web Edition",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:cosminexus_server_-_web_edition_version_4",
"@product": "Cosminexus Server - Web Edition Version 4",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:hitachi_web_server",
"@product": "Hitachi Web Server",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_application_server_enterprise",
"@product": "uCosminexus Application Server Enterprise",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_application_server_standard",
"@product": "uCosminexus Application Server Standard",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_developer",
"@product": "uCosminexus Developer",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_developer_light",
"@product": "uCosminexus Developer Light",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_developer_standard",
"@product": "uCosminexus Developer Standard",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_service_architect",
"@product": "uCosminexus Service Architect",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
},
{
"#text": "cpe:/a:hitachi:ucosminexus_service_platform",
"@product": "uCosminexus Service Platform",
"@vendor": "Hitachi, Ltd",
"@version": "2.2"
}
],
"sec:cvss": {
"@score": "5.0",
"@severity": "Medium",
"@type": "Base",
"@vector": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"@version": "2.0"
},
"sec:identifier": "JVNDB-2012-000079",
"sec:references": [
{
"#text": "https://jvn.jp/en/jp/JVN51615542/index.html",
"@id": "JVN#51615542",
"@source": "JVN"
},
{
"#text": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4339",
"@id": "CVE-2006-4339",
"@source": "CVE"
},
{
"#text": "http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2006-4339",
"@id": "CVE-2006-4339",
"@source": "NVD"
},
{
"#text": "http://www.kb.cert.org/vuls/id/845620",
"@id": "US-CERT Vulnerability Note VU#845620",
"@source": "CERT-VN"
},
{
"#text": "https://www.ipa.go.jp/en/security/vulnerabilities/cwe.html",
"@id": "CWE-255",
"@title": "Credentials Management(CWE-255)"
}
],
"title": "Adobe Reader fails to properly handle signatures"
}