CVE-2011-2442Improper Input Validation in Adobe Acrobat

CWE-20Improper Input Validation4 documents4 sources
Severity
9.3CRITICALNVD
EPSS
8.1%
top 7.82%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedSep 15
Latest updateMay 17

Description

Adobe Reader and Acrobat 8.x before 8.3.1, 9.x before 9.4.6, and 10.x before 10.1.1 allow attackers to execute arbitrary code via unspecified vectors, related to a "logic error vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDadobe/acrobat_reader36 versions+35
NVDadobe/acrobat38 versions+37

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

1
GHSA
GHSA-484x-wjq7-xr92: Adobe Reader and Acrobat 82022-05-17

📋Vendor Advisories

1
Red Hat
acroread: multiple code execution flaws (APSB11-24)2011-09-13

💬Community

1
Bugzilla
acroread: multiple code execution flaws (APSB11-24)2011-10-26
CVE-2011-2442 — Improper Input Validation in Adobe | cvebase