CVE-2009-3959
published 2010-01-13CVE-2009-3959: Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to…
PriorityP351critical10CVSS 2.0
AVNACLAuNCCICAC
EPSS
11.47%
95.5th percentile
Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document.
Affected
97 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| adobe | acrobat | <= 9.2 | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
| adobe | acrobat | — | — |
CVSS provenance
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
vendor_redhat10.0CRITICAL
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Red Hat
acroread: multiple code execution flaws (APSB10-02)
vendor_redhat·2010-01-12·CVSS 10.0
CVE-2009-3959 [CRITICAL] acroread: multiple code execution flaws (APSB10-02)
acroread: multiple code execution flaws (APSB10-02)
Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document.
GHSA
GHSA-rh7h-fjp6-m8mh: Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9
ghsa_unreviewed·2022-05-02
CVE-2009-3959 [HIGH] GHSA-rh7h-fjp6-m8mh: Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9
Integer overflow in the U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a malformed PDF document.
No detection rules found.
No public exploits indexed.
http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.htmlhttp://secunia.com/advisories/38138http://secunia.com/advisories/38215http://www.adobe.com/support/security/bulletins/apsb10-02.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0060.htmlhttp://www.securityfocus.com/archive/1/508949http://www.securityfocus.com/bid/37756http://www.securitytracker.com/id?1023446http://www.us-cert.gov/cas/techalerts/TA10-013A.htmlhttp://www.vupen.com/english/advisories/2010/0103https://bugzilla.redhat.com/show_bug.cgi?id=554293https://exchange.xforce.ibmcloud.com/vulnerabilities/55557https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8539http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.htmlhttp://secunia.com/advisories/38138http://secunia.com/advisories/38215http://www.adobe.com/support/security/bulletins/apsb10-02.htmlhttp://www.redhat.com/support/errata/RHSA-2010-0060.htmlhttp://www.securityfocus.com/archive/1/508949http://www.securityfocus.com/bid/37756http://www.securitytracker.com/id?1023446http://www.us-cert.gov/cas/techalerts/TA10-013A.htmlhttp://www.vupen.com/english/advisories/2010/0103https://bugzilla.redhat.com/show_bug.cgi?id=554293https://exchange.xforce.ibmcloud.com/vulnerabilities/55557https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8539
2010-01-13
Published