Accessibility

Security bulletins and advisories

This page contains important information regarding security vulnerabilities that may affect specific versions of Adobe products and solutions. Please use this information to take the corrective actions prescribed. In our effort to serve you better, you may also sign up for e-mail notification of any future advisories.

Click here to report a security issue associated with an Adobe product.

Bulletins and advisories for this month

Brief Originally Posted Last Updated
APSB09-15 -Security Advisory for Adobe Reader and Acrobat 10/8/2009 10/8/2009

Bulletins and advisories by product

View security bulletins for a specific product:

Adobe Reader (Windows)

Version 9.x
Brief Originally Posted Last Updated
APSB09-10 Security Updates available for Adobe Flash Player, Adobe Reader and Acrobat 7/30/2009 8/19/2009
APSA09-03 Security Advisory for Adobe Reader, Acrobat and Flash Player 7/22/2009 8/3/2009
APSB09-07 Security Updates available for Adobe Reader and Acrobat 6/9/2009 6/16/2009
APSB09-06 Security Updates available for Adobe Reader and Acrobat 5/12/2009 6/9/2009
APSA09-02 Buffer overflow issues in Adobe Reader and Acrobat 5/1/2009 5/12/2009
APSB09-04 Security Update available for Adobe Reader and Acrobat 3/18/2009 3/24/2009
APSB09-03 Security Update available for Adobe Reader 9 and Acrobat 9 3/10/2009 3/24/2009
APSA09-01 Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat 2/19/2009 3/24/2009
Version 8.x
Brief Originally Posted Last Updated
APSB09-07 Security Updates available for Adobe Reader and Acrobat 6/9/2009 6/16/2009
APSB09-06 Security Updates available for Adobe Reader and Acrobat 5/12/2009 6/9/2009
APSA09-02 Buffer overflow issues in Adobe Reader and Acrobat 5/1/2009 5/12/2009
APSB09-04 Security Update available for Adobe Reader and Acrobat 3/18/2009 3/24/2009
APSA09-01 Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat 2/19/2009 3/24/2009
APSB08-19 Security Update available for Adobe Reader 8 and Acrobat 8 11/04/2008 11/04/2008
APSB08-15 Security Update available for Adobe Reader and Acrobat 8.1.2 06/23/2008 07/17/2008
APSB08-13 Security Update available for Adobe Reader and Acrobat 7 and 8 05/06/2008 05/06/2008
APSA08-02 Privilege escalation issue in Adobe Reader 8.1.2 for Unix 03/11/2008 07/17/2008
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSB07-18 Update available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/22/2007 10/22/2007
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007

Version 7.x
Brief Originally Posted Last Updated
APSB09-07 Security Updates available for Adobe Reader and Acrobat 6/9/2009 6/16/2009
APSB09-06 Security Updates available for Adobe Reader and Acrobat 5/12/2009 6/9/2009
APSA09-02 Buffer overflow issues in Adobe Reader and Acrobat 5/1/2009 5/12/2009
APSB09-04 Security Update available for Adobe Reader and Acrobat 3/18/2009 3/24/2009
APSA09-01 Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat 2/19/2009 3/24/2009
APSB08-15 Security Update available for Adobe Reader and Acrobat 8.1.2 06/23/2008 06/23/2008
APSB08-13 Security Update available for Adobe Reader and Acrobat 7 and 8 05/06/2008 05/06/2008
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSB07-18 Update available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/22/2007 10/22/2007
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSA07-02 Server-side workarounds to prevent potential cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSA07-01 Cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/04/2007 01/04/2007
APSA06-02 Potential vulnerabilities in Adobe Reader and Acrobat 11/28/2006 11/28/2006
Adobe Acrobat and Adobe Reader Plug-in Buffer Overflow 08/16/2005 08/16/2005
XML External Entity vulnerability in Adobe Reader/Acrobat 06/15/2005 06/15/2005
Adobe Reader/Acrobat invalid root page node Count 04/01/2005 04/01/2005
Local file discovery in Adobe Reader/Acrobat through Internet Explorer 04/01/2005 04/01/2005

Version 6.x
Brief Originally Posted Last Updated
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSB07-18 Update available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/22/2007 10/22/2007
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSA07-02 Server-side workarounds to prevent potential cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSA07-01 Cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/04/2007 01/04/2007
Adobe Acrobat and Adobe Reader Plug-in Buffer Overflow 08/16/2005 08/16/2005
Prevent malicious media (Flash) playback 12/13/2004 12/13/2004
PNG library 1.2.5 vulnerability 12/13/2004 12/13/2004
eBook plug-in vulnerability with *.etd files 12/13/2004 12/13/2004
ActiveX control buffer overflow 09/08/2004 09/08/2004
Filename Handler Buffer Overflow 09/08/2004 09/08/2004
Version 5.x
Brief Originally Posted Last Updated
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSB07-18 Update available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/22/2007 10/22/2007
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSA07-02 Server-side workarounds to prevent potential cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSA07-01 Cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/04/2007 01/04/2007
Adobe Acrobat and Adobe Reader Plug-in Buffer Overflow 08/16/2005 08/16/2005
Arbitrary code execution from a malicious PDF document 06/07/2004 06/07/2004

Version 4.x
Brief Originally Posted Last Updated
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSB07-18 Update available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/22/2007 10/22/2007
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSA07-02 Server-side workarounds to prevent potential cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSA07-01 Cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/04/2007 01/04/2007
Security vulnerabilities due to buffer overrun attacks 07/25/2000 07/25/2000

Adobe Reader (Macintosh)

Version 9.x
Brief Originally Posted Last Updated
APSB09-10 Security Updates available for Adobe Flash Player, Adobe Reader and Acrobat 7/30/2009 8/19/2009
APSA09-03 Security Advisory for Adobe Reader, Acrobat and Flash Player 7/22/2009 8/3/2009
APSB09-07 Security Updates available for Adobe Reader and Acrobat 6/9/2009 6/16/2009
APSB09-06 Security Updates available for Adobe Reader and Acrobat 5/12/2009 6/9/2009
APSA09-02 Buffer overflow issues in Adobe Reader and Acrobat 5/1/2009 5/12/2009
APSB09-04 Security Update available for Adobe Reader and Acrobat 3/18/2009 3/24/2009
APSB09-03 Security Update available for Adobe Reader 9 and Acrobat 9 3/10/2009 3/24/2009
APSA09-01 Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat 2/19/2009 3/24/2009
Version 8.x
Brief Originally Posted Last Updated
APSB09-07 Security Updates available for Adobe Reader and Acrobat 6/9/2009 6/16/2009
APSB09-06 Security Updates available for Adobe Reader and Acrobat 5/12/2009 6/9/2009
APSA09-02 Buffer overflow issues in Adobe Reader and Acrobat 5/1/2009 5/12/2009
APSB09-04 Security Update available for Adobe Reader and Acrobat 3/18/2009 3/24/2009
APSA09-01 Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat 2/19/2009 3/24/2009
APSB08-19 Security Update available for Adobe Reader 8 and Acrobat 8 11/04/2008 11/04/2008
APSB08-15 Security Update available for Adobe Reader and Acrobat 8.1.2 06/23/2008 06/23/2008
APSB08-13 Security Update available for Adobe Reader and Acrobat 7 and 8 05/06/2008 05/06/2008
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007

Version 7.x
Brief Originally Posted Last Updated
APSB09-07 Security Updates available for Adobe Reader and Acrobat 6/9/2009 6/16/2009
APSB09-06 Security Updates available for Adobe Reader and Acrobat 5/12/2009 6/9/2009
APSB09-04 Security Update available for Adobe Reader and Acrobat 3/18/2009 3/24/2009
APSA09-01 Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat 2/19/2009 3/24/2009
APSB08-15 Security Update available for Adobe Reader and Acrobat 8.1.2 06/23/2008 06/23/2008
APSB08-13 Security Update available for Adobe Reader and Acrobat 7 and 8 05/06/2008 05/06/2008
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSA07-02 Server-side workarounds to prevent potential cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
Adobe Acrobat and Adobe Reader Plug-in Buffer Overflow 08/16/2005 08/16/2005
Arbitrary application execution from a malicious PDF document 06/27/2005 06/27/2005
Acrobat/Reader Updater changes Safari Frameworks folder permissions 06/27/2005 06/27/2005
XML External Entity vulnerability in Adobe Reader/Acrobat 06/15/2005 06/15/2005

Version 6.x
Brief Originally Posted Last Updated
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSA07-02 Server-side workarounds to prevent potential cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
File Permissions Vulnerability in Adobe Reader and Adobe Acrobat (Mac OS) 07/11/2006 07/11/2006
Adobe Acrobat and Adobe Reader Plug-in Buffer Overflow 08/16/2005 08/16/2005
Prevent malicious media (Flash) playback 12/13/2004 12/13/2004
PNG library 1.2.5 vulnerability 12/13/2004 12/13/2004
eBook plug-in vulnerability with *.etd files 12/13/2004 12/13/2004

Version 5.x
Brief Originally Posted Last Updated
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSA07-02 Server-side workarounds to prevent potential cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
Adobe Acrobat and Adobe Reader Plug-in Buffer Overflow 08/16/2005 08/16/2005

Adobe Reader (Unix)

Version 9.x
Brief Originally Posted Last Updated
APSB09-10 Security Updates available for Adobe Flash Player, Adobe Reader and Acrobat 7/30/2009 8/19/2009
APSA09-03 Security Advisory for Adobe Reader, Acrobat and Flash Player 7/22/2009 8/3/2009
APSB09-07 Security Updates available for Adobe Reader and Acrobat 6/9/2009 6/16/2009
APSB09-06 Security Updates available for Adobe Reader and Acrobat 5/12/2009 6/9/2009
APSB09-04 Security Update available for Adobe Reader and Acrobat 3/18/2009 3/24/2009
APSA09-01 Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat 2/19/2009 3/24/2009
Version 8.x
Brief Originally Posted Last Updated
APSB09-07 Security Updates available for Adobe Reader and Acrobat 6/9/2009 6/16/2009
APSB09-06 Security Updates available for Adobe Reader and Acrobat 5/12/2009 6/9/2009
APSB09-04 Security Update available for Adobe Reader and Acrobat 3/18/2009 3/24/2009
APSA09-01 Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat 2/19/2009 3/24/2009
APSB08-19 Security Update available for Adobe Reader 8 and Acrobat 8 11/04/2008 11/04/2008
APSB08-15 Security Update available for Adobe Reader and Acrobat 8.1.2 06/23/2008 06/23/2008
APSB08-13 Security Update available for Adobe Reader and Acrobat 7 and 8 05/06/2008 05/06/2008
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007

Version 7.x
Brief Originally Posted Last Updated
APSB08-15 Security Update available for Adobe Reader and Acrobat 8.1.2 06/23/2008 06/23/2008
APSB08-13 Security Update available for Adobe Reader and Acrobat 7 and 8 05/06/2008 05/06/2008
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSA07-02 Server-side workarounds to prevent potential cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSA07-01 Cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/04/2007 01/04/2007
Adobe Acrobat and Adobe Reader Plug-in Buffer Overflow 08/16/2005 08/16/2005

Version 5.x
Brief Originally Posted Last Updated
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSA07-02 Server-side workarounds to prevent potential cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSA07-01 Cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/04/2007 01/04/2007
Adobe Acrobat and Adobe Reader Plug-in Buffer Overflow 08/16/2005 08/16/2005
Buffer overflow vulnerability in Adobe Reader 07/05/2005 07/05/2005
Temporary file vulnerability due to Adobe Reader 07/05/2005 07/05/2005
mailListIsPDF buffer overflow issue 12/14/2004 12/14/2004
Long file name uudecode buffer overflow 12/14/2004 12/14/2004
Shell metacharacters uudecode exploit 12/14/2004 12/14/2004
Buffer overflow with long mailto link 12/14/2004 12/14/2004

Adobe Acrobat (Windows)

Version 9.x Pro Extended, Pro, and Standard
Brief Originally Posted Last Updated
APSB09-10 Security Updates available for Adobe Flash Player, Adobe Reader and Acrobat 7/30/2009 8/19/2009
APSA09-03 Security Advisory for Adobe Reader, Acrobat and Flash Player 7/22/2009 8/3/2009
APSB09-07 Security Updates available for Adobe Reader and Acrobat 6/9/2009 6/16/2009
APSB09-06 Security Updates available for Adobe Reader and Acrobat 5/12/2009 6/9/2009
APSA09-02 Buffer overflow issues in Adobe Reader and Acrobat 5/1/2009 5/12/2009
APSB09-04 Security Update available for Adobe Reader and Acrobat 3/18/2009 3/24/2009
APSB09-03 Security Update available for Adobe Reader 9 and Acrobat 9 3/10/2009 3/24/2009
APSA09-01 Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat 2/19/2009 3/24/2009
Version 3D
Brief Originally Posted Last Updated
APSB09-10 Security Updates available for Adobe Flash Player, Adobe Reader and Acrobat 7/30/2009 8/19/2009
APSA09-03 Security Advisory for Adobe Reader, Acrobat and Flash Player 7/22/2009 8/3/2009
APSB09-07 Security Updates available for Adobe Reader and Acrobat 6/9/2009 6/16/2009
APSB09-06 Security Updates available for Adobe Reader and Acrobat 5/12/2009 6/9/2009
APSA09-02 Buffer overflow issues in Adobe Reader and Acrobat 5/1/2009 5/12/2009
APSB09-04 Security Update available for Adobe Reader and Acrobat 3/18/2009 3/24/2009
APSA09-01 Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat 2/19/2009 3/24/2009
APSB08-19 Security Update available for Adobe Reader 8 and Acrobat 8 11/04/2008 11/04/2008
APSB08-15 Security Update available for Adobe Reader and Acrobat 8.1.2 06/23/2008 06/23/2008
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSB07-18 Update available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/22/2007 10/22/2007
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007

Version 8.x Professional and Standard
Brief Originally Posted Last Updated
APSB09-07 Security Updates available for Adobe Reader and Acrobat 6/9/2009 6/16/2009
APSB09-06 Security Updates available for Adobe Reader and Acrobat 5/12/2009 6/9/2009
APSA09-02 Buffer overflow issues in Adobe Reader and Acrobat 5/1/2009 5/12/2009
APSB09-04 Security Update available for Adobe Reader and Acrobat 3/18/2009 3/24/2009
APSA09-01 Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat 2/19/2009 3/24/2009
APSB08-19 Security Update available for Adobe Reader 8 and Acrobat 8 11/04/2008 11/04/2008
APSB08-15 Security Update available for Adobe Reader and Acrobat 8.1.2 06/23/2008 06/23/2008
APSB08-13 Security Update available for Adobe Reader and Acrobat 7 and 8 05/06/2008 05/06/2008
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSB07-18 Update available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/22/2007 10/22/2007
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007

Version 7.x Professional, Standard and Elements
Brief Originally Posted Last Updated
APSB09-07 Security Updates available for Adobe Reader and Acrobat 6/9/2009 6/16/2009
APSB09-06 Security Updates available for Adobe Reader and Acrobat 5/12/2009 6/9/2009
APSA09-02 Buffer overflow issues in Adobe Reader and Acrobat 5/1/2009 5/12/2009
APSB09-04 Security Update available for Adobe Reader and Acrobat 3/18/2009 3/24/2009
APSA09-01 Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat 2/19/2009 3/24/2009
APSB08-15 Security Update available for Adobe Reader and Acrobat 8.1.2 06/23/2008 06/23/2008
APSB08-13 Security Update available for Adobe Reader and Acrobat 7 and 8 05/06/2008 05/06/2008
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSB07-18 Update available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/22/2007 10/22/2007
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSA07-02 Server-side workarounds to prevent potential cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSA06-02 Potential vulnerabilities in Adobe Reader and Acrobat 11/28/2006 12/06/2006
APSB06-20 Update available for potential vulnerabilities in Adobe Reader and Acrobat 12/05/2006 12/05/2006
Adobe Acrobat and Adobe Reader Plug-in Buffer Overflow 08/16/2005 08/16/2005
XML External Entity vulnerability in Adobe Reader/Acrobat 06/15/2005 06/15/2005
Adobe Reader/Acrobat invalid root page node Count 04/01/2005 04/01/2005
Local file discovery in Adobe Reader/Acrobat through Internet Explorer 04/01/2005 04/01/2005

Version 6.x Professional and Standard
Brief Originally Posted Last Updated
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSB07-18 Update available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/22/2007 10/22/2007
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSA07-02 Server-side workarounds to prevent potential cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
Buffer Overflow Vulnerability in Adobe Acrobat 07/11/2006 07/11/2006
Adobe Acrobat and Adobe Reader Plug-in Buffer Overflow 08/16/2005 08/16/2005
Prevent malicious media (Flash) playback 12/13/2004 12/13/2004
PNG library 1.2.5 vulnerability 12/13/2004 12/13/2004
eBook plug-in vulnerability with *.etd files 12/13/2004 12/13/2004
ActiveX control buffer overflow 09/08/2004 09/08/2004
Filename Handler Buffer Overflow 09/08/2004 09/08/2004
Version 5.x
Brief Originally Posted Last Updated
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSB07-18 Update available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/22/2007 10/22/2007
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSA07-02 Server-side workarounds to prevent potential cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
Adobe Acrobat and Adobe Reader Plug-in Buffer Overflow 08/16/2005 08/16/2005
Arbitrary code execution from a malicious PDF document 06/07/2004 06/07/2004
Improper validation of JavaScript in PDF files 04/30/2004 04/30/2004

Version 4.x
Brief Originally Posted Last Updated
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSB07-18 Update available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/22/2007 10/22/2007
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSA07-02 Server-side workarounds to prevent potential cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
Security vulnerabilities due to buffer overrun attacks 07/25/2000 07/25/2000

Adobe Acrobat (Macintosh)

Version 9.x
Brief Originally Posted Last Updated
APSB09-10 Security Updates available for Adobe Flash Player, Adobe Reader and Acrobat 7/30/2009 8/19/2009
APSA09-03 Security Advisory for Adobe Reader, Acrobat and Flash Player 7/22/2009 8/3/2009
APSB09-07 Security Updates available for Adobe Reader and Acrobat 6/9/2009 6/16/2009
APSB09-06 Security Updates available for Adobe Reader and Acrobat 5/12/2009 6/9/2009
APSA09-02 Buffer overflow issues in Adobe Reader and Acrobat 5/1/2009 5/12/2009
APSB09-04 Security Update available for Adobe Reader and Acrobat 3/18/2009 3/24/2009
APSB09-03 Security Update available for Adobe Reader 9 and Acrobat 9 3/10/2009 3/24/2009
APSA09-01 Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat 2/19/2009 3/24/2009
Version 3D
Brief Originally Posted Last Updated
APSB09-07 Security Updates available for Adobe Reader and Acrobat 6/9/2009 6/16/2009
APSB09-06 Security Updates available for Adobe Reader and Acrobat 5/12/2009 6/9/2009
APSA09-02 Buffer overflow issues in Adobe Reader and Acrobat 5/1/2009 5/12/2009
APSB09-04 Security Update available for Adobe Reader and Acrobat 3/18/2009 3/24/2009
APSA09-01 Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat 2/19/2009 3/24/2009
APSB08-19 Security Update available for Adobe Reader 8 and Acrobat 8 11/04/2008 11/04/2008
APSB08-15 Security Update available for Adobe Reader and Acrobat 8.1.2 06/23/2008 06/23/2008
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007

Version 8.x Professional and Standard
Brief Originally Posted Last Updated
APSB09-07 Security Updates available for Adobe Reader and Acrobat 6/9/2009 6/16/2009
APSB09-06 Security Updates available for Adobe Reader and Acrobat 5/12/2009 6/9/2009
APSA09-02 Buffer overflow issues in Adobe Reader and Acrobat 5/1/2009 5/12/2009
APSB09-04 Security Update available for Adobe Reader and Acrobat 3/18/2009 3/24/2009
APSA09-01 Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat 2/19/2009 3/24/2009
APSB08-19 Security Update available for Adobe Reader 8 and Acrobat 8 11/04/2008 11/04/2008
APSB08-15 Security Update available for Adobe Reader and Acrobat 8.1.2 06/23/2008 06/23/2008
APSB08-13 Security Update available for Adobe Reader and Acrobat 7 and 8 05/06/2008 05/06/2008
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007

Version 7.x Professional, Standard and Elements
Brief Originally Posted Last Updated
APSB09-07 Security Updates available for Adobe Reader and Acrobat 6/9/2009 6/16/2009
APSB09-06 Security Updates available for Adobe Reader and Acrobat 5/12/2009 6/9/2009
APSB09-04 Security Update available for Adobe Reader and Acrobat 3/18/2009 3/24/2009
APSA09-01 Buffer overflow issue in versions 9.0 and earlier of Adobe Reader and Acrobat 2/19/2009 3/24/2009
APSB08-15 Security Update available for Adobe Reader and Acrobat 8.1.2 06/23/2008 06/23/2008
APSB08-13 Security Update available for Adobe Reader and Acrobat 7 and 8 05/06/2008 05/06/2008
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSA07-02 Server-side workarounds to prevent potential cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
Adobe Acrobat and Adobe Reader Plug-in Buffer Overflow 08/16/2005 08/16/2005
Arbitrary application execution from a malicious PDF document 06/27/2005 06/27/2005
APSA07-02 Server-side workarounds to prevent potential cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
Acrobat/Reader Updater changes Safari Frameworks folder permissions 06/27/2005 06/27/2005
XML External Entity vulnerability in Adobe Reader/Acrobat 06/15/2005 06/15/2005

Version 6.x Professional and Standard
Brief Originally Posted Last Updated
APSA08-01 Security update available for Adobe Reader and Acrobat 8 02/07/2008 05/06/2008
APSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
File Permissions Vulnerability in Adobe Reader and Adobe Acrobat (Mac OS) 07/11/2006 07/11/2006
Adobe Acrobat and Adobe Reader Plug-in Buffer Overflow 08/16/2005 08/16/2005
Prevent malicious media (Flash) playback 12/13/2004 12/13/2004
PNG library 1.2.5 vulnerability 12/13/2004 12/13/2004
eBook plug-in vulnerability with *.etd files 12/13/2004 12/13/2004

Version 5.x
Brief Originally Posted Last Updated
vAPSA07-04 Workaround available for vulnerability in versions 8.1 and earlier of Adobe Reader and Acrobat 10/05/2007 10/05/2007
APSA07-02 Server-side workarounds to prevent potential cross-site scripting vulnerability in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
APSB07-01 Update available for vulnerabilities in versions 7.0.8 and earlier of Adobe Reader and Acrobat 01/09/2007 01/09/2007
Adobe Acrobat and Adobe Reader Plug-in Buffer Overflow 08/16/2005 08/16/2005

After Effects

After Effects CS3
Brief Originally Posted Last Updated
APSA08-05 Potential vulnerability in After Effects CS3 05/06/2008 05/06/2008

Breeze

Version 5
Brief Originally Posted Last Updated
APSB06-16 Information disclosure in Breeze Licensed Server 10/10/2006 10/10/2006
MPSB05-10 Security Patch for Insufficient Validation in Breeze Communication Server and Breeze Live Server 11/15/2005 11/15/2005
MPSB05-06 Breeze 5.0 Password Reset Encryption 09/29/2005 09/29/2005

Adobe Bridge

Brief Originally Posted Last Updated
APSB07-09 Update available for privilege escalation issue in Bridge 1.0.3 installer package 04/10/2007 04/10/2007

ColdFusion

Version 8
Brief Originally Posted Last Updated
APSB09-12 Security Update: Hotfixes available for ColdFusion and JRun 8/17/2009 10/5/2009
APSB09-09 Hotfix available for potential ColdFusion 8 input sanitization issue 7/8/2009 8/19/2009
APSB08-21 Update available for potential ColdFusion 8 privilege escalation issue 11/05/2008 11/05/2008
APSB08-12 Update available for ColdFusion 8 CFC method access level issue 04/08/2008 04/08/2008
APSB08-06 Update available for potential ColdFusion MX 7 and ColdFusion 8 Cross Site Scripting security issue 03/11/2008 03/11/2008
APSB08-07 Update available for ColdFusion MX 7 and ColdFusion 8 Cross-Site Scripting issue 03/11/2008 03/11/2008
APSB08-08 Update available for ColdFusion MX 7 and ColdFusion 8 logs invalid admin interface log-in attempts 03/11/2008 03/11/2008
APSB07-19 Update available for ColdFusion MX 7 and ColdFusion 8 potential session hijacking issue 11/13/2007 11/13/2007
Version MX 7
Brief Originally Posted Last Updated
APSB08-21 Update available for potential ColdFusion 8 privilege escalation issue 11/05/2008 11/05/2008
APSB08-06 Update available for potential ColdFusion MX 7 and ColdFusion 8 Cross Site Scripting security issue 03/11/2008 03/11/2008
APSB08-07 Update available for ColdFusion MX 7 and ColdFusion 8 Cross-Site Scripting issue 03/11/2008 03/11/2008
APSB08-08 Update available for ColdFusion MX 7 and ColdFusion 8 logs invalid admin interface log-in attempts 03/11/2008 03/11/2008
APSB07-19 Update available for ColdFusion MX 7 and ColdFusion 8 potential session hijacking issue 11/13/2007 11/13/2007
APSB07-08 Workaround available for Linux and Solaris ColdFusion MX 7 file permissions vulnerability 04/10/2007 04/10/2007
APSB07-06 Patch available for ColdFusion MX 7 cross-site scripting protection bypass 03/13/2007 03/13/2007
APSB07-05 Patch available for JRun cross-site scripting issue 02/13/2007 02/13/2007
APSB07-04 Patch available for ColdFusion MX cross-site scripting issue 02/13/2007 02/13/2007
APSB07-03 Patch available for ColdFusion MX 7 cross-site scripting issue when Global Script Protection is not enabled 02/13/2007 02/13/2007
APSB07-02 Patch available for ColdFusion MX 7 and JRun 4 information disclosure issue 01/09/2007 01/09/2007
APSB06-17 Local privilege escalation in a ColdFusion third party library 10/10/2006 10/10/2006
APSB06-12 Denial of service in ColdFusion Flash Remoting Gateway 09/12/2006 09/12/2006
APSB06-13 ColdFusion Sandbox Security vulnerability 09/12/2006 09/12/2006
APSB06-14 ColdFusion cross-site scripting in error page 09/12/2006 09/12/2006
APSB06-10 ColdFusion AdminAPI Authentication Issue 08/08/2006 08/08/2006
MPSB05-14 Cumulative Security Updater for ColdFusion MX 7 12/15/2005 12/15/2005
MPSB05-03 ColdFusion MX 7 cross-site scripting in default error page 05/10/2005 05/10/2005
Version MX 6.1
Brief Originally Posted Last Updated
APSB07-05 Patch available for JRun cross-site scripting issue 02/13/2007 02/13/2007
APSB07-04 Patch available for ColdFusion MX cross-site scripting issue 02/13/2007 02/13/2007
APSB06-14 ColdFusion cross-site scripting in error page 09/12/2006 09/12/2006
MPSB05-12Sandbox Security and CFMAIL Vulnerability in ColdFusion MX 6.X 12/15/2005 12/15/2005
MPSB05-02 Workaround available for ColdFusion MX 6.1 Updater file disclosure 04/07/2005 04/07/2005
MPSB04-10 The CFOBJECT tag and CreateObject functions should be secured in a shared or untrusted developer environment 10/08/2004 10/08/2004
MPSB04-09 Cumulative Security Patch available for ColdFusion MX 09/23/2004 09/23/2004
MPSB04-06 Security Patch available for ColdFusion MX 6.1 File Upload Denial of service 04/15/2004 04/15/2004
MPSB04-01 Security Patch available for ColdFusion MX sandbox security 01/28/2004 01/28/2004
MPSB04-02 Security Patch available for ColdFusion MX 6.1 form fields Denial of service 01/28/2004 01/28/2004
MPSB03-07 Security Patch available for ColdFusion MX and JRun 4.0 Web Services DoS 12/09/2003 12/09/2003
MPSB03-06 Security Patch Available for ColdFusion MX/ColdFusion Cross-Site Scripting Vulnerability with Default Error Handlers 09/18/2003 09/18/2003
MPSB03-04 Patch for Apache 1.3.x, 2.0 View Source Vulnerability in ColdFusion MX and JRun 4.0 on Windows 07/08/2003 07/08/2003
MPSB03-02 Using Windows NT Authentication and Windows file permissions 01/20/2003 01/20/2003
Version MX 6
Brief Originally Posted Last Updated
APSB07-05 Patch available for JRun cross-site scripting issue 02/13/2007 02/13/2007
APSB07-04 Patch available for ColdFusion MX cross-site scripting issue 02/13/2007 02/13/2007
APSB06-14 ColdFusion cross-site scripting in error page 09/12/2006 09/12/2006
MPSB05-12 Sandbox Security and CFMAIL Vulnerability in ColdFusion MX 6.X 12/15/2005 12/15/2005
MPSB04-10 The CFOBJECT tag and CreateObject functions should be secured in a shared or untrusted developer environment 10/08/2004 10/08/2004
MPSB04-09 Cumulative Security Patch available for ColdFusion MX 09/23/2004 09/23/2004
MPSB04-04 Security Patch available for ColdFusion MX and JRun 4.0 Web Services DoS 03/15/2004 03/15/2004
MPSB03-07 Security Patch available for ColdFusion MX and JRun 4.0 Web Services DoS 12/09/2003 12/10/2003
MPSB03-06 Security Patch Available for ColdFusion MX/ColdFusion Cross-Site Scripting Vulnerability with Default Error Handlers 09/18/2003 09/18/2003
MPSB03-04 Patch for Apache 1.3.x, 2.0 View Source Vulnerability in ColdFusion MX and JRun 4.0 on Windows 07/08/2003 07/08/2003
MPSB03-02 Using Windows NT Authentication and Windows file permissions 01/30/2003 01/30/2003
MPSB03-01 Patch available for ColdFusion MX Enterprise Edition 01/09/2003 01/09/2003
MPSB02-13 ColdFusion MX file extension mappings 11/06/2002 11/06/2002
MPSB02-07 Patch available to support Apache 2.0.39 with JRun 4.0/ColdFusion MX 06/27/2002 06/27/2002
MPSB02-05 Patch Available for Buffer Overflow attack on ColdFusion MX with Microsoft IIS 06/27/2002 06/27/2002
MPSB02-04 ColdFusion MX Enterprise Edition's JSP functionality should be disabled in shared, hosted environments 06/13/2002 06/13/2002
MPSB02-03 Patch available for default Missing Template page in ColdFusion MX 06/13/2002 06/13/2002
Previous Versions
Brief Originally Posted Last Updated
MPSB03-06 Security Patch Available for ColdFusion MX/ColdFusion Cross-Site Scripting Vulnerability with Default Error Handlers 09/18/2003 09/18/2003
MPSB02-01 Certain DOS reserved filenames may cause ColdFusion to display the physical web root directory when ColdFusion is used with Microsoft IIS 05/09/2002 05/09/2002
MPSB01-11 The CFEXECUTE tag should be disabled when using ColdFusion Sandbox Security Operating System type) on Windows 11/27/2001 11/27/2001
MPSB01-08 Best Practice for Security Issue in Example Applications Released with ColdFusion Server Versions 4.x and Earlier 08/07/2001 08/07/2001
MPSB01-07 ColdFusion Security Patch for versions 2.0 through 4.5.1 SP2 07/11/2001 07/11/2001
ASB00-14 Workaround available for Denial of Service attack against ColdFusion Administrator 06/07/2000 06/07/2000
ASB00-12 ClusterCATS Appends Stale Query String to URL Line during HTML Redirection 05/08/2000 05/08/2000
ASB00-03 Patch Available For Potential Information Exposure By The CFCACHE Tag 01/04/2000 01/04/2000
ASB99-10 Addressing Potential Security Issues with Undocumented CFML Tags and Functions Used in the ColdFusion Administrator 07/29/1999 09/29/1999
ASB99-04 Multiple SQL Statements in Dynamic Queries 02/04/1999 06/01/1999
ASB99-07 Solution Available for Denial-of-Service Attack Using CF Admin. Start/Stop Utility 05/19/1999 05/19/1999
ASB99-08 Pages Encrypted with CFCRYPT.EXE Can Be Illegally Decrypted 05/19/1999 05/19/1999
ASB99-02 ColdFusion Example Applications and Sample Code Exposes Servers 02/04/1999 05/19/1999
ASB99-01 Expression Evaluator Security Issues 02/04/1999 04/30/1999

Connect

Brief Originally Posted Last Updated
APSB08-04 Update available to address Adobe Connect Enterprise Server security issues 02/12/2008 02/12/2008
APSB08-02 Update available for Adobe Connect Enterprise Server cross-site scripting issue 01/16/2008 01/16/2008
APSB07-14 Patch available for Adobe Connect Enterprise Server information disclosure issue 09/11/2007 09/11/2007

Contribute Publishing Services

Brief Originally Posted Last Updated
APSB08-01 Update to Dreamweaver and Contribute to address potential cross-site scripting vulnerabilities 01/16/2008 01/16/2008
APSB06-15 Local information disclosure in a Contribute Publishing Server 10/10/2006 10/10/2006
MPSB05-08 Contribute Publishing Server Password Encryption 11/15/2006 11/15/2006
MPSB05-04 Potential Security Risk with Macromedia eLicensing Client Activation Code 06/09/2005 06/09/2005

Adobe Creative Suite (All Platforms)

Version 2.x
Brief Originally Posted Last Updated
File Permissions Vulnerability in Adobe Creative Suite 2 02/02/2006 02/02/2006

Adobe Creative Suite (Windows)

Version 2.x
Brief Originally Posted Last Updated
File Permissions Vulnerability in Adobe Creative Suite 2 02/02/2006 02/02/2006

Version 1.x
Brief Originally Posted Last Updated
Advisory for License Management Service vulnerability 06/09/2005 06/09/2005

Adobe Document Server

Version 5.x and 6.x
Brief Originally Posted Last Updated
Adobe Document Server for Reader Extensions authentication vulnerability 04/11/2006 04/11/2006
Adobe Graphics Server and Adobe Document Server configuration security vulnerability 03/13/2005 03/13/2005

Adobe Download Manager

Brief Originally Posted Last Updated
APSB06-19 Update available for buffer overflow in Adobe Download Manager 12/05/2006 12/05/2006

Dreamweaver

Dreamweaver CS3
Brief Originally Posted Last Updated
APSB08-01 Update to Dreamweaver and Contribute to address potential cross-site scripting vulnerabilities 01/16/2008 01/16/2008

Version 8
Brief Originally Posted Last Updated
APSB08-01 Update to Dreamweaver and Contribute to address potential cross-site scripting vulnerabilities 01/16/2008 01/16/2008
APSB06-07 Dreamweaver Server Behavior SQL Injection vulnerability 05/09/2006 05/09/2006

Version MX
Brief Originally Posted Last Updated
APSB06-07 Dreamweaver Server Behavior SQL Injection vulnerability 05/09/2006 05/09/2006
MPSB05-04 Potential Security Risk with Macromedia eLicensing Client Activation Code 06/09/2006 06/09/2006
MPSB04-05 Potential Risk in Dreamweaver Remote Database Connectivity 04/02/2004 04/02/2004
MPSB03-05 Patch and Work Around for Dreamweaver MX, DRK, and UltraDev Server Behaviors 08/19/2003 08/19/2003

Flash

Flash CS3 Professional
Brief Originally Posted Last Updated
APSA08-09 October Flash Professional CS3 Security Advisory 10/15/2008 10/15/2008
APSA08-03 Potential vulnerability in Flash CS3 Professional, Flash Professional 8 and Flash Basic 8 03/19/2008 03/19/2008
Flash 8
Brief Originally Posted Last Updated
APSA08-03 Potential vulnerability in Flash CS3 Professional, Flash Professional 8 and Flash Basic 8 03/19/2008 03/19/2008

Flash Communication Server

Brief Originally Posted Last Updated
MPSB05-09 Security Patch for Insufficient Validation in Flash Communication Server 11/15/2005 11/15/2005

Flash Media Server

Brief Originally Posted Last Updated
APSB09-05 Updates available to address Flash Media Server privilege escalation issue 4/30/2009 4/30/2009
APSA08-11 Content Protection in Flash Media Server 3.0 09/02/2008 02/26/2009
APSA08-06 Content Protection in Flash Media Server 09/02/2008 09/02/2008
APSB08-03 Update available to address Flash Media Server security issues 02/12/2008 02/12/2008
MPSB05-11 Administrator Interface Denial of Service Vulnerability in Flash Media Server 12/15/2005 12/15/2005

Flash Player

Version 10.x
Brief Originally Posted Last Updated
APSB09-10 Security Updates available for Adobe Flash Player, Adobe Reader and Acrobat 7/30/2009 8/19/2009
APSA09-04 Security Advisory for Adobe Flash Player 7/28/2009 7/30/2009
APSA09-03 Security Advisory for Adobe Reader, Acrobat and Flash Player 7/22/2009 8/3/2009
APSB09-01 Flash Player update available to address security vulnerabilities 2/24/2009 2/24/2009
Version 9.x
Brief Originally Posted Last Updated
APSB09-10 Security Updates available for Adobe Flash Player, Adobe Reader and Acrobat 7/30/2009 8/19/2009
APSA09-04 Security Advisory for Adobe Flash Player 7/28/2009 7/30/2009
APSA09-03 Security Advisory for Adobe Reader, Acrobat and Flash Player 7/22/2009 8/3/2009
APSB09-01 Flash Player update available to address security vulnerabilities 2/24/2009 2/24/2009
APSB08-24 Security update available for Linux Flash Player 10.0.12.36 and Linux Flash Player 9.0.151.0 12/17/2008 12/17/2008
APSB08-22 Additional disclosure of security vulnerabilities fixed in Flash Player 10.0.12.36 and Flash Player 9.0.151.0 11/17/2008 11/17/2008
APSB08-20 Flash Player update available to address security vulnerabilities 11/05/2008 11/17/2008
APSB08-18 Flash Player update available to address security vulnerabilities 10/15/2008 11/17/2008
APSA08-08 Flash Player workaround available for "Clickjacking" issue 10/07/2008 11/05/2008
APSB08-11 Flash Player update available to address security vulnerabilities 04/08/2008 05/30/2008
APSA07-06 Vulnerabilities in some SWF files could allow cross-site scripting 12/23/2007 04/08/2008
APSB07-20 Flash Player update available to address security vulnerabilities 12/18/2007 01/29/2007
APSA07-05 Potential Vulnerability with Adobe Flash Player and Opera on Mac OSX 10/17/2007 12/18/2007
APSB07-12 Flash Player update available to address security vulnerabilities 07/10/2007 07/10/2007
APSA07-03 Opera update available for vulnerability with Adobe Flash Player and Opera browser on Linux and Solaris 04/11/2007 04/11/2007
APSB06-18 Update available for HTTP Header Injection Vulnerabilities in Adobe Flash Player 11/14/2006 12/06/2006

Version 8.x and previous
Brief Originally Posted Last Updated
APSA08-08 Flash Player workaround available for "Clickjacking" issue 10/07/2008 11/05/2008
APSB08-11 Flash Player update available to address security vulnerabilities 04/08/2008 05/30/2008
APSB07-20 Flash Player update available to address security vulnerabilities 12/18/2007 01/29/2007
APSA07-05 Potential Vulnerability with Adobe Flash Player and Opera on Mac OSX 10/17/2007 12/18/2007
APSB07-12 Flash Player update available to address security vulnerabilities 07/10/2007 07/10/2007
APSA07-03 Opera update available for vulnerability with Adobe Flash Player and Opera browser on Linux and Solaris 04/11/2007 04/11/2007
APSB06-18 Update available for HTTP Header Injection Vulnerabilities in Adobe Flash Player 11/14/2006 12/06/2006
APSB06-11 Multiple Vulnerabilities in Adobe Flash Player 8.0.24.0 and Earlier Versions 09/12/2006 09/12/2006
APSB06-03 Flash Player Update to Address Security Vulnerabilities 03/14/2006 05/09/2006
MPSB05-07 Flash Player 7 Improper Memory Access Vulnerability 11/02/2005 11/10/2005
MPSB03-08 Update to Flash Player Addressing Local Shared Object Security 12/16/2003 12/16/2003
MPSB03-03 Security Patch for Macromedia Flash Player 03/03/2003 03/11/2003
MPSB02-15 Macromedia Flash Malformed Header Vulnerability Issue 12/12/2002 12/12/2002
MPSB02-09 Macromedia Flash Malformed Header Vulnerability Issue 08/08/2002 08/08/2002
MPSB02-10 Macromedia Flash URL Modification Issue 08/08/2002 08/08/2002
MPSB02-08 Macromedia Flash Player Cross Server Scripting Security Issue 06/12/2002 06/12/2002

Flex

Version 3.x SDK, Flex Builder 3
Brief Originally Posted Last Updated
APSB09-13 Security Update available for Flex SDK 8/19/2009 8/19/2009
APSB08-14 Update to Flex 3 to address potential cross-site scripting vulnerability 06/17/2008 06/17/2008

Adobe Form Client

Version 5.0
Brief Originally Posted Last Updated
APSB08-09 Update available to resolve critical vulnerabilities in Adobe Form Designer 5.0 and Adobe Form Client 5.0 Components 03/11/2008 03/11/2008

Adobe Form Designer

Version 5.0
Brief Originally Posted Last Updated
APSB08-09 Update available to resolve critical vulnerabilities in Adobe Form Designer 5.0 and Adobe Form Client 5.0 Components 03/11/2008 03/11/2008

Forums

Brief Originally Posted Last Updated
ASB00-06 Patch Available for Allaire Forums 2.0.5 security issue 04/03/2000 04/03/2000
ASB99-05 Allaire Forums Security Issues 03/30/1999 03/30/1999

GoLive

Version 9
Brief Originally Posted Last Updated
APSB07-17 GoLive 9 update to address potential security vulnerabilities 10/09/2007 10/09/2007

Adobe Graphics Server (formerly Altercast)

Version 2.0
Brief Originally Posted Last Updated
Adobe Graphics Server and Adobe Document Server configuration security vulnerability 03/13/2005 03/13/2005

Illustrator

Version CS3
Brief Originally Posted Last Updated
APSB07-16 Illustrator CS3 update to address potential security vulnerabilities 10/09/2007 10/09/2007
Version CS2
Brief Originally Posted Last Updated
APSA08-07 Potential vulnerabilities in Mac Illustrator CS            9/16/2008 9/16/2008

JRun

Version 4.0
Brief Originally Posted Last Updated
APSB09-12 Security Update: Hotfixes available for ColdFusion and JRun 8/17/2009 8/17/2009
APSB07-07 Patch available for potential JRun 4 Updater 6 IIS 6 denial of service issue 03/13/2007 03/13/2007
APSB07-05 Patch available for JRun cross-site scripting issue 02/13/2007 02/13/2007
APSB07-02 Patch available for ColdFusion MX 7 and JRun 4 information disclosure issue 01/09/2007 01/09/2007
MPSB05-13 Cumulative Security Updater for JRun 4.0 server 12/15/2005 12/15/2005
MPSB05-05 Security Patch available for JRun 4.0 token collision 07/14/2005 07/28/2005
MPSB04-08 Cumulative Security Patch available for JRun server 09/23/2004 09/23/2004
MPSB04-04 Security Patch available for ColdFusion MX and JRun 4.0 Web Services DoS 03/14/2004 03/14/2004
MPSB03-07 Security Patch available for ColdFusion MX and JRun 4.0 Web Services DoS 12/09/2003 12/10/2003
MPSB03-04 Patch for Apache 1.3.x, 2.0 View Source Vulnerability in ColdFusion MX and JRun 4.0 on Windows 07/08/2003 07/08/2003
MPSB02-12 Cumulative Security Patch available for JRun 3.0, 3.1 and 4.0 11/06/2002 11/20/2002
MPSB02-07 Patch available to support Apache 2.0.39 with JRun 4.0/ColdFusion MX 06/27/2002 06/27/2002
MPSB02-06 Cumulative Security Patch available for JRun 3.0, 3.1 and 4.0 06/27/2002 08/19/2002
Version 3x
Brief Originally Posted Last Updated
MPSB04-08 Cumulative Security Patch available for JRun server 09/23/2004 09/23/2004
MPSB02-06 Cumulative Security Patch available for JRun 3.0, 3.1 and 4.0 06/27/2002 08/19/2002
MPSB02-02 Patch Available for ISAPI buffer overflow in JRun 3.0/3.1 05/29/2002 05/29/2002
MPSB01-18 Patch Available for Unnecessary Appending of jsessionid in URL (URL Rewriting) 12/06/2001 12/06/2001
MPSB01-17 Patch Available for File System Traversal Issue with JRun Web Server on Windows platforms 12/06/2001 12/06/2001
MPSB01-16 Patch Available for Retrieval of File Content with an HTTP GET under Certain Conditions 12/06/2001 12/06/2001
MPSB01-15 Patch Available for Revealing Source Code when Accessing a JSP as myjsp%00 or myjs%2570 via the JWS or IIS 12/06/2001 12/06/2001
MPSB01-14 Patch Available for Serving JSP Pages out of the WEB-INF and META-INF Directories 12/06/2001 12/06/2001
MPSB01-13 Workaround Addresses Web Server Root Directory Browse Access 11/27/2001 12/06/2001
MPSB01-12 Workaround Addresses JRun Server SSIFilter Security Issue 11/27/2001 11/27/2001
MPSB01-10 Patch Available for Duplicate Session IDs Issue 11/27/2001 12/06/2001
MPSB01-09 (a.k.a. JSP view source vulnerability) 08/09/2001 12/06/2001
MPSB01-06 JRun 3.1, JRun 3.0, JRun 2.3.3: Cross-site scripting vulnerability (a.k.a. JavaScript code execution vulnerability) 06/28/2001 06/28/2001
MPSB01-05 JRun 3.0: Patch available for accessing a restricted directory via web authentication when the case of the directory mapping referenced in the URI is other than what is stored in web.xml 06/28/2001 06/28/2001
MPSB01-04 JRun 3.0: Patch available for re-generation of new java, class, et al. files when adding a forward slash to a previously run jsp, and accessing it through a browser 06/28/2001 06/28/2001
MPSB01-03 JRun 3.1, 3.0, 2.3.3: Patch available for ability to view jsp source code when replacing the "p" in "jsp" with "%70" in the URI 06/28/2001 06/28/2001
ASB01-02 JRun 3.0: Patch available for JRun malformed URI WEB-INF directory information and web.xml file retrieval issue 01/24/2001 01/24/2001
ASB00-30 JRun 3.0: Patch available for "multiple .'s denial of service" issue 10/31/2000 10/31/2000
ASB00-27 JRun 3.0: Patch available for "extra leading slash" security issue 10/23/2000 10/23/2000
ASB00-18 Patch available for JRun 3.0 EJB property disclosure issue 08/09/2000 08/09/2000
Version 2x
Brief Originally Posted Last Updated
MPSB01-06 JRun 3.1, JRun 3.0, JRun 2.3.3: Cross-site scripting vulnerability (a.k.a. JavaScript code execution vulnerability) 06/28/2001 08/08/2001
MPSB01-03 JRun 3.1, 3.0, 2.3.3: Patch available for ability to view jsp source code when replacing the "p" in "jsp" with "%70" in the URI 06/28/2001 08/08/2001
ASB00-28 JRun 2.3.3: Patch available for "non-webroot requests" security issue 10/23/2000 10/23/2000
ASB00-29 JRun 2.3.3: Patch available for "JSP execution of arbitrary file" security issue 10/23/2000 10/23/2000
ASB00-19 Patch available for JRun trailing character JSP source code disclosure issue 08/09/2000 08/09/2000
ASB00-15 Workaround available for vulnerabilities exposed by JRun 2.3.x code samples 06/22/2000 06/22/2000

Adobe Livecycle Form Manager

Version 7.1
Brief Originally Posted Last Updated
LiveCycle information disclosure to OBSOLETE users 04/11/2006 04/11/2006

Adobe Livecycle Workflow

Version 7.1
Brief Originally Posted Last Updated
APSB08-10 Update available for potential LiveCycle Workflow 6.2 Cross Site Scripting security issue 03/11/2008 03/11/2008
LiveCycle information disclosure to OBSOLETE users 04/11/2006 04/11/2006

MX 2004 products

Brief Originally Posted Last Updated
MPSB05-04 Potential Security Risk with Macromedia eLicensing Client Activation Code 06/09/2005 06/09/2005
MPSB04-07 Macromedia Products Not Affected by Microsoft JPEG/GDIPlus Vulnerability 09/22/2004 09/22/2004
MPSB04-03 Potential Security Risk with Macromedia E-Licensing Client Activation Code 03/12/2004 03/12/2004

Adobe PageMaker

Version 7.x
Brief Originally Posted Last Updated
APSA08-10 Potential vulnerabilities in PageMaker 7 10/29/2008 10/29/2008
APSB07-15 Patch available for PageMaker buffer overflow vulnerability 10/09/2007 10/09/2007

Adobe Photoshop (Windows)

Version CS
Brief Originally Posted Last Updated
APSB07-13 Photoshop CS2 and CS3 updates to address security vulnerabilities 07/10/2007 07/10/2007
Advisory for License Management Service vulnerability 06/09/2005 06/09/2005

Adobe Photoshop Album

Starter Edition 3.2
Brief Originally Posted Last Updated
APSA08-04 Potential vulnerability in Photoshop Album Starter Edition 3.2 04/21/08 07/17/09

Adobe Premiere Pro (Windows)

Version 1.5
Brief Originally Posted Last Updated
Advisory for License Management Service vulnerability 06/09/2005 06/09/2005

Adobe Presenter

Version 7
Brief Originally Posted Last Updated
Presenter 7 update available to address potential Cross-site Scripting issues 08/08/2008 08/08/2008

RoboHelp

Version 6 & 7
Brief Originally Posted Last Updated
APSB09-02 Updates available for RoboHelp and RoboHelp Server Cross-Site Scripting issues 2/24/2009 2/24/2009
APSB08-05 Patch available for RoboHelp Cross-Site Scripting issue 02/12/2007 02/12/2007
APSB07-10 Patch available for RoboHelp Cross-Site Scripting issue 05/08/2007 05/08/2007
Version X5
Brief Originally Posted Last Updated
APSB07-10 Patch available for RoboHelp Cross-Site Scripting issue 05/08/2007 05/08/2007

RoboHelp Server

Version 8
Brief Originally Posted Last Updated
APSB09-14 Security update available for RoboHelp Server 8 9/18/2009 9/18/2009
APSA09-05 Security Advisory for RoboHelp Server 8 9/9/2009 9/18/2009
Version 7
Brief Originally Posted Last Updated
APSB09-02 Updates available for RoboHelp and RoboHelp Server Cross-Site Scripting issues 2/24/2009 2/24/2009
APSB08-16 Patch available for RoboHelp Server Cross-Site Scripting and SQL Injection issue 07/08/2008 07/09/2008
Version 6
Brief Originally Posted Last Updated
APSB09-02 Updates available for RoboHelp and RoboHelp Server Cross-Site Scripting issues 2/24/2009 2/24/2009
APSB08-16 Patch available for RoboHelp Server Cross-Site Scripting and SQL Injection issue 07/08/2008 07/09/2008
APSB07-10 Patch available for RoboHelp Cross-Site Scripting issue 05/08/2007 05/08/2007

Shockwave Player

Brief Originally Posted Last Updated
APSB09-11 Security Update available for Shockwave Player 7/28/2009 7/28/2009
APSB09-08 Security Update available for Shockwave Player 6/23/2009 6/23/2009
APSB06-02 Improper Memory Access Vulnerability in Macromedia Shockwave Player by Adobe 02/26/2006 02/26/2006
MPSB02-11 Macromedia Shockwave URL Modification Issue 02/27/2001 02/27/2001

Spectra

Brief Originally Posted Last Updated
ASB00-23 Spectra 1.0.1: Workaround available for administrative interface security issue 08/30/2000 08/30/2000
ASB00-10 Patch Available for Spectra Container Editor Preview Object Security Issue 04/24/2000 04/24/2000
ASB00-04 Patch Available for Allaire Spectra 1.0 Security Authentication System 01/31/2000 01/31/2000
ASB00-01 Enhancing Authenticated Webtop User Security in Allaire Spectra 1.0 01/04/2000 01/04/2000
ASB00-02 Addressing Potential Denial Of Service Problem With Installation Files In Allaire Spectra 1.0 01/04/2000 01/04/2000

Adobe SVG Viewer (Windows)

Version 3.x
Brief Originally Posted Last Updated
Local file discovery in Adobe SVG Viewer through Microsoft Internet Explorer on Windows 05/03/2005 05/03/2005

Adobe Version Cue (Macintosh)

Version 1.x
Brief Originally Posted Last Updated
Adobe Version Cue 1.x for Mac OS X System Privilege Escalation Update 08/11/2005 08/11/2005
Advisory for Adobe Version Cue 1.x local elevation of privilege 05/19/2005 05/19/2005