Buffer overflow in Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allows remote attackers to execute arbitrary code via a crafted PDF document, as exploited in the wild in February 2013.
References
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
16 Jul 2024, 17:36
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:adobe:acrobat_reader:9.3.4:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:10.1.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:10.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.5:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:10.0.3:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.5.3:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:10.1.5:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.4.6:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.2:-:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:10.1.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.4.6:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:10.0.2:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.1.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.5.2:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.4.7:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.5.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:10.0.3:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.5.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.4.7:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:10.1.5:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.3.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.5.2:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.5.3:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.4.2:-:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.0:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.1.2:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:10.1.4:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.4.3:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:10.0.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:10.1.4:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:10.0:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.4.4:-:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.4.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.3.2:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.4.6:-:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.1.3:-:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:11.0:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.4.5:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.3:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.4.2:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.1.3:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.3.4:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.0:-:pro:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.4.2:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.3:-:pro:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:10.0:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.4:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:10.0:-:pro:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.3.2:-:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:10.0.2:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.4.5:-:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:11.0.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:10.0.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.4.5:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.4.1:-:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:10.1.2:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:10.0.1:-:pro:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.4.3:-:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.4.4:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:9.5:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:10.1.3:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.3.3:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.3.4:-:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.1.1:-:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.3.1:-:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:10.1.2:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.4.4:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.4.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:10.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.4.3:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:10.1.3:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.1:-:pro:*:*:*:*:* cpe:2.3:a:adobe:acrobat:11.0.1:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:11.0:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat:9.2:*:*:*:*:*:*:* |
cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:12.1:*:*:*:*:*:*:* cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:* cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:* cpe:2.3:o:apple:mac_os_x:-:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:* cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:* |
CVSS |
v2 : v3 : |
v2 : 9.3
v3 : 7.8 |
First Time |
Linux
Suse linux Enterprise Desktop Apple Opensuse Opensuse opensuse Redhat enterprise Linux Desktop Redhat enterprise Linux Workstation Redhat Microsoft windows Microsoft Linux linux Kernel Apple mac Os X Redhat enterprise Linux Server Suse Redhat enterprise Linux Server Aus Redhat enterprise Linux Eus |
|
References | () http://blog.fireeye.com/research/2013/02/in-turn-its-pdf-time.html - Broken Link | |
References | () http://blogs.adobe.com/psirt/2013/02/adobe-reader-and-acrobat-vulnerability-report.html - Broken Link, Vendor Advisory | |
References | () http://blogs.mcafee.com/mcafee-labs/digging-into-the-sandbox-escape-technique-of-the-recent-pdf-exploit - Broken Link | |
References | () http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00021.html - Mailing List, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00023.html - Mailing List, Third Party Advisory | |
References | () http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00024.html - Mailing List, Third Party Advisory | |
References | () http://rhn.redhat.com/errata/RHSA-2013-0551.html - Third Party Advisory | |
References | () http://security.gentoo.org/glsa/glsa-201308-03.xml - Third Party Advisory | |
References | () http://www.adobe.com/support/security/advisories/apsa13-02.html - Vendor Advisory | |
References | () http://www.adobe.com/support/security/bulletins/apsb13-07.html - Broken Link | |
References | () http://www.kb.cert.org/vuls/id/422807 - Third Party Advisory, US Government Resource | |
References | () https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16296 - Broken Link | |
CWE | CWE-120 |
Information
Published : 2013-02-14 01:55
Updated : 2024-07-16 17:36
NVD link : CVE-2013-0641
Mitre link : CVE-2013-0641
CVE.ORG link : CVE-2013-0641
JSON object : View
Products Affected
microsoft
- windows
adobe
- acrobat_reader
- acrobat
opensuse
- opensuse
redhat
- enterprise_linux_server_aus
- enterprise_linux_workstation
- enterprise_linux_server
- enterprise_linux_eus
- enterprise_linux_desktop
linux
- linux_kernel
apple
- mac_os_x
suse
- linux_enterprise_desktop
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')