CVE-2011-2094Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer10 documents4 sources
Severity
9.3CRITICALNVD
EPSS
23.0%
top 4.08%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedJun 16
Latest updateMay 17

Description

Buffer overflow in Adobe Reader and Acrobat 8.x before 8.3, 9.x before 9.4.5, and 10.x before 10.1 on Windows and Mac OS X allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-2095 and CVE-2011-2097.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDadobe/acrobat_reader35 versions+34
NVDadobe/acrobat36 versions+35

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

3
GHSA
GHSA-9q5g-wg5v-2gmg: Buffer overflow in Adobe Reader and Acrobat 82022-05-17
GHSA
GHSA-g9wv-gr8w-crp3: Buffer overflow in Adobe Reader and Acrobat 82022-05-17
GHSA
GHSA-7vg2-25jx-px29: Buffer overflow in Adobe Reader and Acrobat 82022-05-17

📋Vendor Advisories

3
Red Hat
acroread: multiple code execution flaws (APSB11-16)2011-06-14
Red Hat
acroread: multiple code execution flaws (APSB11-16)2011-06-14
Red Hat
acroread: multiple code execution flaws (APSB11-16)2011-06-14

💬Community

1
Bugzilla
acroread: multiple code execution flaws (APSB11-16)2011-07-12
CVE-2011-2094 — Adobe Acrobat vulnerability | cvebase