CVE-2012-0777Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents4 sources
Severity
6.8MEDIUMNVD
EPSS
8.5%
top 7.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedApr 10
Latest updateMay 14

Description

The JavaScript API in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 on Mac OS X and Linux allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors.

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages2 packages

NVDadobe/acrobat_reader9.09.5.1+1
NVDadobe/acrobat9.09.5.1+1

🔴Vulnerability Details

1
GHSA
GHSA-jxrq-6cjh-p9vf: The JavaScript API in Adobe Reader and Acrobat 92022-05-14

📋Vendor Advisories

3
Red Hat
condor: lock directories created mode 0777 allow for FS-based authentication challenge bypass2012-09-19
Red Hat
acroread: multiple unspecified flaws (APSB12-08, APSB12-01)2012-04-05
Red Hat
CLI: world-writable root directory2012-03-20

💬Community

3
Bugzilla
CVE-2012-3492 condor: lock directories created mode 0777 allow for FS-based authentication challenge bypass2012-08-14
Bugzilla
CVE-2011-4370 CVE-2011-4371 CVE-2011-4372 CVE-2011-4373 CVE-2012-0774 CVE-2012-0775 CVE-2012-0777 acroread: multiple unspecified flaws (APSB12-08, APSB12-01)2012-04-05
Bugzilla
CVE-2012-0032 JON CLI: world-writable root directory2012-01-09
CVE-2012-0777 — Adobe Acrobat vulnerability | cvebase