CVE-2013-0622Improper Validation of Array Index in Adobe Acrobat

CWE-264CWE-129Improper Validation of Array IndexCWE-119Improper Restriction of Operations within the Bounds of a Memory Buffer9 documents4 sources
Severity
10.0CRITICALNVD
EPSS
3.0%
top 13.48%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedJan 10
Latest updateMay 17

Description

Adobe Reader and Acrobat 9.x before 9.5.3, 10.x before 10.1.5, and 11.x before 11.0.1 allow attackers to bypass intended access restrictions via unspecified vectors, a different vulnerability than CVE-2013-0624.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDadobe/acrobat_reader32 versions+31
NVDadobe/acrobat32 versions+31

🔴Vulnerability Details

2
GHSA
GHSA-4627-4rjp-mw63: Adobe Reader and Acrobat 92022-05-17
GHSA
GHSA-6hfq-vff3-j8jm: Adobe Reader and Acrobat 92022-05-17

📋Vendor Advisories

3
Red Hat
kernel: sock_diag: out-of-bounds access to sock_diag_handlers[]2013-02-24
Red Hat
acroread: security bypass flaws (APSB13-02)2013-01-08
Red Hat
acroread: security bypass flaws (APSB13-02)2013-01-08

💬Community

2
Bugzilla
CVE-2013-1763 kernel: sock_diag: out-of-bounds access to sock_diag_handlers[]2013-02-24
Bugzilla
CVE-2013-0622 CVE-2013-0624 acroread: security bypass flaws (APSB13-02)2013-01-09
CVE-2013-0622 — Improper Validation of Array Index | cvebase