CVE-2012-4159Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer46 documents4 sources
Severity
10.0CRITICALNVD
EPSS
11.9%
top 6.23%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedAug 15
Latest updateMay 17

Description

Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Windows and Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2051, CVE-2012-4147, CVE-2012-4148, CVE-2012-4149, CVE-2012-4150, CVE-2012-4151, CVE-2012-4152, CVE-2012-4153, CVE-2012-4154, CVE-2012-4155, CVE-2012-4156, CVE-2012-4157, CVE-2012-4158, and CVE-2012-4160.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDadobe/acrobat_reader29 versions+28
NVDadobe/acrobat30 versions+29

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

15
GHSA
GHSA-xmp2-p923-f7r4: Adobe Reader and Acrobat 92022-05-17
GHSA
GHSA-jpqf-j65q-4fxr: Adobe Reader and Acrobat 92022-05-17
GHSA
GHSA-5jjp-w7h3-pf23: Adobe Reader and Acrobat 92022-05-17
GHSA
GHSA-9vf6-prxr-gqg8: Adobe Reader and Acrobat 92022-05-17
GHSA
GHSA-cv9p-5v5f-g9j2: Adobe Reader and Acrobat 92022-05-17

📋Vendor Advisories

15
Red Hat
acroread: multiple code execution flaw (APSB12-16)2012-08-14
Red Hat
acroread: multiple code execution flaw (APSB12-16)2012-08-14
Red Hat
acroread: multiple code execution flaw (APSB12-16)2012-08-14
Red Hat
acroread: multiple code execution flaw (APSB12-16)2012-08-14
Red Hat
acroread: multiple code execution flaw (APSB12-16)2012-08-14

💬Community

1
Bugzilla
acroread: multiple code execution flaw (APSB12-16)2012-08-14
CVE-2012-4159 — Adobe Acrobat vulnerability | cvebase