CVE-2012-4161Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat

CWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer7 documents3 sources
Severity
7.5HIGHNVD
EPSS
2.8%
top 13.84%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedAug 15
Latest updateMay 17

Description

Adobe Reader and Acrobat 9.x before 9.5.2 and 10.x before 10.1.4 on Mac OS X allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-4162.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages2 packages

NVDadobe/acrobat_reader29 versions+28
NVDadobe/acrobat30 versions+29

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

2
GHSA
GHSA-jhwv-crf7-9fvg: Adobe Reader and Acrobat 92022-05-17
GHSA
GHSA-vmfg-v47m-gpjc: Adobe Reader and Acrobat 92022-05-17

💬Community

2
Bugzilla
CVE-2013-4161 gksu-polkit: improper patching of CVE-2012-56172013-07-23
Bugzilla
acroread: multiple code execution flaw (APSB12-16)2012-08-14
CVE-2012-4161 — Adobe Acrobat vulnerability | cvebase