CVE-2013-2729

Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2727.

CVSS v3 9.8 CRITICAL
CVSS v2.0 10.0 HIGH

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

10.0^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html	Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-0826.html	Third Party Advisory
http://security.gentoo.org/glsa/glsa-201308-03.xml	Third Party Advisory
http://www.adobe.com/support/security/bulletins/apsb13-15.html	Not Applicable Patch Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16717	Broken Link
http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html	Mailing List Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2013-0826.html	Third Party Advisory
http://security.gentoo.org/glsa/glsa-201308-03.xml	Third Party Advisory
http://www.adobe.com/support/security/bulletins/apsb13-15.html	Not Applicable Patch Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16717	Broken Link

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:adobe:acrobat::::::::
	cpe:2.3:a:adobe:acrobat::::::::
	cpe:2.3:a:adobe:acrobat::::::::
	cpe:2.3:a:adobe:acrobat_reader::::::::
	cpe:2.3:a:adobe:acrobat_reader::::::::
	cpe:2.3:a:adobe:acrobat_reader::::::::

Configuration 2 (hide)

OR	cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:::-:::*
	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2::::::

Configuration 3 (hide)

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:5.9:::::::*
	cpe:2.3:o:redhat:enterprise_linux_eus:6.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

History

21 Nov 2024, 01:52

Type	Values Removed	Values Added
References	~~() http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html - Mailing List, Third Party Advisory~~	() http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html - Mailing List, Third Party Advisory
References	~~() http://rhn.redhat.com/errata/RHSA-2013-0826.html - Third Party Advisory~~	() http://rhn.redhat.com/errata/RHSA-2013-0826.html - Third Party Advisory
References	~~() http://security.gentoo.org/glsa/glsa-201308-03.xml - Third Party Advisory~~	() http://security.gentoo.org/glsa/glsa-201308-03.xml - Third Party Advisory
References	~~() http://www.adobe.com/support/security/bulletins/apsb13-15.html - Not Applicable, Patch, Vendor Advisory~~	() http://www.adobe.com/support/security/bulletins/apsb13-15.html - Not Applicable, Patch, Vendor Advisory
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16717 - Broken Link~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16717 - Broken Link

09 Jul 2024, 18:22

Type	Values Removed	Values Added
CWE	~~CWE-189~~	CWE-190
CVSS	v2 : ~~10.0~~ v3 : ~~unknown~~	v2 : 10.0 v3 : 9.8
References	~~() http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html -~~	() http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html - Mailing List, Third Party Advisory
References	~~() http://rhn.redhat.com/errata/RHSA-2013-0826.html -~~	() http://rhn.redhat.com/errata/RHSA-2013-0826.html - Third Party Advisory
References	~~() http://security.gentoo.org/glsa/glsa-201308-03.xml -~~	() http://security.gentoo.org/glsa/glsa-201308-03.xml - Third Party Advisory
References	~~() http://www.adobe.com/support/security/bulletins/apsb13-15.html - Patch, Vendor Advisory~~	() http://www.adobe.com/support/security/bulletins/apsb13-15.html - Not Applicable, Patch, Vendor Advisory
References	~~() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16717 -~~	() https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16717 - Broken Link
CPE	cpe:2.3:a:adobe:acrobat:9.4:::::::* cpe:2.3:a:adobe:acrobat_reader:9.3.4:::::::* cpe:2.3:a:adobe:acrobat_reader:9.3.2:::::::* cpe:2.3:a:adobe:acrobat_reader:10.1.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.3:::::::* cpe:2.3:a:adobe:acrobat_reader:10.1:::::::* cpe:2.3:a:adobe:acrobat:9.5:::::::* cpe:2.3:a:adobe:acrobat_reader:10.0.3:::::::* cpe:2.3:a:adobe:acrobat_reader:9.0:::::::* cpe:2.3:a:adobe:acrobat_reader:9.5.3:::::::* cpe:2.3:a:adobe:acrobat_reader:10.1.5:::::::* cpe:2.3:a:adobe:acrobat_reader:11.0.2:::::::* cpe:2.3:a:adobe:acrobat:9.1:::::::* cpe:2.3:a:adobe:acrobat:9.2:-:::::: cpe:2.3:a:adobe:acrobat:10.1.6:::::::* cpe:2.3:a:adobe:acrobat:9.4.6:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4.6:::::::* cpe:2.3:a:adobe:acrobat:10.1.1:::::::* cpe:2.3:a:adobe:acrobat:10.0.2:::::::* cpe:2.3:a:adobe:acrobat:9.1.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.5.2:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4.7:::::::* cpe:2.3:a:adobe:acrobat_reader:9.5.1:::::::* cpe:2.3:a:adobe:acrobat:10.0.3:::::::* cpe:2.3:a:adobe:acrobat:9.5.1:::::::* cpe:2.3:a:adobe:acrobat:9.4.7:::::::* cpe:2.3:a:adobe:acrobat:10.1.5:::::::* cpe:2.3:a:adobe:acrobat:9.3.1:::::::* cpe:2.3:a:adobe:acrobat:9.5.2:::::::* cpe:2.3:a:adobe:acrobat:9.5.3:::::::* cpe:2.3:a:adobe:acrobat:9.4.2:-:::::: cpe:2.3:a:adobe:acrobat:9.0:::::::* cpe:2.3:a:adobe:acrobat:9.1.2:::::::* cpe:2.3:a:adobe:acrobat:10.1.4:::::::* cpe:2.3:a:adobe:acrobat_reader:9.2:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4.3:::::::* cpe:2.3:a:adobe:acrobat_reader:10.0.1:::::::* cpe:2.3:a:adobe:acrobat_reader:10.1.4:::::::* cpe:2.3:a:adobe:acrobat_reader:9.3.1:::::::* cpe:2.3:a:adobe:acrobat:10.0:::::::* cpe:2.3:a:adobe:acrobat_reader:9.5.4:::::::* cpe:2.3:a:adobe:acrobat:9.4.4:-:::::: cpe:2.3:a:adobe:acrobat_reader:9.4.1:::::::* cpe:2.3:a:adobe:acrobat:9.3.2:::::::* cpe:2.3:a:adobe:acrobat:9.4.6:-:::::: cpe:2.3:a:adobe:acrobat_reader:9.1:::::::* cpe:2.3:a:adobe:acrobat:9.1.3:-:::::: cpe:2.3:a:adobe:acrobat:9.5.4:::::::* cpe:2.3:a:adobe:acrobat:11.0:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4.5:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1.2:::::::* cpe:2.3:a:adobe:acrobat:9.3:::::::* cpe:2.3:a:adobe:acrobat:9.4.2:::::::* cpe:2.3:a:adobe:acrobat:9.1.3:::::::* cpe:2.3:a:adobe:acrobat:9.3.4:::::::* cpe:2.3:a:adobe:acrobat_reader:10.1.6:::::::* cpe:2.3:a:adobe:acrobat:9.0:-:pro:::::* cpe:2.3:a:adobe:acrobat_reader:9.4.2:::::::* cpe:2.3:a:adobe:acrobat:9.3:-:pro:::::* cpe:2.3:a:adobe:acrobat_reader:10.0:::::::* cpe:2.3:a:adobe:acrobat_reader:9.4:::::::* cpe:2.3:a:adobe:acrobat:10.0:-:pro:::::* cpe:2.3:a:adobe:acrobat_reader:9.1.3:::::::* cpe:2.3:a:adobe:acrobat:9.3.2:-:::::: cpe:2.3:a:adobe:acrobat_reader:10.0.2:::::::* cpe:2.3:a:adobe:acrobat:9.4.5:-:::::: cpe:2.3:a:adobe:acrobat_reader:11.0.1:::::::* cpe:2.3:a:adobe:acrobat:11.0.2:::::::* cpe:2.3:a:adobe:acrobat:10.0.1:::::::* cpe:2.3:a:adobe:acrobat_reader:9.1.1:::::::* cpe:2.3:a:adobe:acrobat:9.4.5:::::::* cpe:2.3:a:adobe:acrobat:9.4.1:-:::::: cpe:2.3:a:adobe:acrobat:10.1.2:::::::* cpe:2.3:a:adobe:acrobat:10.0.1:-:pro:::::* cpe:2.3:a:adobe:acrobat_reader:9.3.3:::::::* cpe:2.3:a:adobe:acrobat:9.4.3:-:::::: cpe:2.3:a:adobe:acrobat_reader:9.4.4:::::::* cpe:2.3:a:adobe:acrobat_reader:9.5:::::::* cpe:2.3:a:adobe:acrobat_reader:10.1.3:::::::* cpe:2.3:a:adobe:acrobat:9.3.3:::::::* cpe:2.3:a:adobe:acrobat:9.3.4:-:::::: cpe:2.3:a:adobe:acrobat:9.1.1:-:::::: cpe:2.3:a:adobe:acrobat:9.3.1:-:::::: cpe:2.3:a:adobe:acrobat_reader:10.1.2:::::::* cpe:2.3:a:adobe:acrobat:9.4.4:::::::* cpe:2.3:a:adobe:acrobat:9.4.1:::::::* cpe:2.3:a:adobe:acrobat:10.1:::::::* cpe:2.3:a:adobe:acrobat:9.4.3:::::::* cpe:2.3:a:adobe:acrobat:10.1.3:::::::* cpe:2.3:a:adobe:acrobat:9.1:-:pro:::::* cpe:2.3:a:adobe:acrobat:11.0.1:::::::* cpe:2.3:a:adobe:acrobat_reader:11.0:::::::* cpe:2.3:a:adobe:acrobat:9.2:::::::*	cpe:2.3:a:adobe:acrobat:::::::: cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:::::: cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:5.9:::::::* cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::* cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:::-:::* cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:::::::* cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:::::::* cpe:2.3:o:redhat:enterprise_linux_eus:6.4:::::::* cpe:2.3:a:adobe:acrobat_reader::::::::
First Time		Suse linux Enterprise Desktop Redhat enterprise Linux Desktop Redhat enterprise Linux Server Suse Redhat Redhat enterprise Linux Server Aus Redhat enterprise Linux Workstation Redhat enterprise Linux Eus

Information

Published : 2013-05-16 11:45

Updated : 2025-04-11 00:51

NVD link : CVE-2013-2729

Mitre link : CVE-2013-2729

CVE.ORG link : CVE-2013-2729

JSON object : View

Products Affected

redhat

enterprise_linux_server
enterprise_linux_server_aus
enterprise_linux_workstation
enterprise_linux_eus
enterprise_linux_desktop

adobe

acrobat_reader
acrobat

suse

linux_enterprise_desktop

CWE

CWE-190

Integer Overflow or Wraparound

{"id": "CVE-2013-2729", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2013-05-16T11:45:31.263", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0826.html", "tags": ["Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml", "tags": ["Third Party Advisory"], "source": "psirt@adobe.com"}, {"url": "http://www.adobe.com/support/security/bulletins/apsb13-15.html", "tags": ["Not Applicable", "Patch", "Vendor Advisory"], "source": "psirt@adobe.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16717", "tags": ["Broken Link"], "source": "psirt@adobe.com"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2013-05/msg00004.html", "tags": ["Mailing List", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://rhn.redhat.com/errata/RHSA-2013-0826.html", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://security.gentoo.org/glsa/glsa-201308-03.xml", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.adobe.com/support/security/bulletins/apsb13-15.html", "tags": ["Not Applicable", "Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16717", "tags": ["Broken Link"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-190"}]}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-190"}]}], "descriptions": [{"lang": "en", "value": "Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2727."}, {"lang": "es", "value": "Desbordamiento de entero en Adobe Reader y Acrobat v9.x anterior a v9.5.5, v10.x anterior a v10.1.7, y v11.x anterior a v11.0.03 permite a atacantes remotos ejecutar c\u00f3digo arbitrario mediante vectores desconocidos, una vulnerabilidad diferente a CVE-2013-2727."}], "lastModified": "2025-04-11T00:51:21.963", "cisaActionDue": "2022-04-18", "cisaExploitAdd": "2022-03-28", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "413B5753-2B8D-44F6-B3A3-3CB4C9E8B68E", "versionEndExcluding": "9.5.5", "versionStartIncluding": "9.0"}, {"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "46FE52E1-6878-41E8-9898-B0C93DB1A711", "versionEndExcluding": "10.1.7", "versionStartIncluding": "10.0"}, {"criteria": "cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "64498BAE-6B93-4171-987C-DA0D7E5586B6", "versionEndExcluding": "11.0.03", "versionStartIncluding": "11.0"}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "59FB20F5-387E-4DB3-A2D5-E027C678B771", "versionEndExcluding": "9.5.5", "versionStartIncluding": "9.0"}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "085F0347-0232-481A-8275-E19A9A0631AD", "versionEndExcluding": "10.1.7", "versionStartIncluding": "10.0"}, {"criteria": "cpe:2.3:a:adobe:acrobat_reader:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "847908BF-1CD9-485F-93D7-5EB600DD7220", "versionEndExcluding": "11.0.03", "versionStartIncluding": "11.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:10:sp4:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "4339DE06-19FB-4B8E-B6AE-3495F605AD05"}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "00720D8C-3FF3-4B1C-B74B-91F01A544399"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:5.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "6252E88C-27FF-420D-A64A-C34124CF7E6A"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_eus:6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "8A8E07B7-3739-4BEB-88F8-C7F62431E889"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:5.9:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "92C9F1C4-55B0-426D-BB5E-01372C23AF97"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:6.4:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AF83BB87-B203-48F9-9D06-48A5FE399050"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@adobe.com", "cisaRequiredAction": "Apply updates per vendor instructions.", "cisaVulnerabilityName": "Adobe Reader and Acrobat Arbitrary Integer Overflow Vulnerability"}

9.8 /10