Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-1999-1576 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat Reader

3 documents3 sources

Severity

7.5HIGHNVD

EPSS

44.7%

top 2.41%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

Adobe Acrobat Reader

Timeline

PublishedSep 27

Latest updateApr 30

Description

Buffer overflow in Adobe Acrobat ActiveX control (pdf.ocx, PDF.PdfCtrl.1) 1.3.188 for Acrobat Reader 4.0 allows remote attackers to execute arbitrary code via the pdf.setview method.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDadobe/acrobat_reader4.0

Patches

Patch: www.securityfocus.com ↗Patch: www.securityfocus.com ↗

🔴Vulnerability Details

GHSA

GHSA-6cpp-p296-85wp: Buffer overflow in Adobe Acrobat ActiveX control (pdf↗2022-04-30

▶

💥Exploits & PoCs

Exploit-DB

Adobe Acrobat ActiveX Control 1.3.188 - ActiveX Buffer Overflow↗1999-09-27

▶