⚠ Actively exploited

Added to CISA KEV on 2022-03-28. Federal agencies required to patch by 2022-04-18. Required action: Apply updates per vendor instructions..

CVE-2013-2729 — Integer Overflow or Wraparound in Adobe Acrobat

CWE-189 CWE-190 — Integer Overflow or Wraparound21 documents13 sources

Severity

10.0CRITICALNVD

NVD9.8VulnCheck9.8CISA9.8

EPSS

89.5%

top 0.44%

CISA KEV

KEV

Added 2022-03-28

Due 2022-04-18

Exploit

Exploited in wild

Active exploitation observed

Affected products

Adobe Acrobat Adobe Acrobat Reader Redhat Enterprise Linux Desktop +5 more

Timeline

PublishedMay 16

KEV addedMar 28

KEV dueApr 18

Latest updateFeb 12

CISA Required Action: Apply updates per vendor instructions.

Description

Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2013-2727.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages6 packages

▶NVDadobe/acrobat_reader9.0 — 9.5.5+40

▶NVDadobe/acrobat9.0 — 9.5.5+40

▶NVDsuse/linux_enterprise_desktop10, 11+1

▶NVDredhat/enterprise_linux_server6.0

▶NVDredhat/enterprise_linux_desktop6.0

Also affects: Enterprise Linux 5.9, 6.4

Patches

Patch: www.adobe.com ↗Patch: www.adobe.com ↗

🔴Vulnerability Details

GHSA

GHSA-h6q5-w33h-288x: Integer overflow in Adobe Reader and Acrobat 9↗2022-05-17

▶

GHSA

GHSA-q39j-xwr5-2ggj: Integer overflow in Adobe Reader and Acrobat 9↗2022-05-17

▶

CVEList

CVE-2013-2729: Integer overflow in Adobe Reader and Acrobat 9↗2013-05-16

▶

CVEList

CVE-2013-2727: Integer overflow in Adobe Reader and Acrobat 9↗2013-05-16

▶

VulnCheck

Adobe Reader and Acrobat Arbitrary Integer Overflow Vulnerability↗2013

▶

💥Exploits & PoCs

Exploit-DB

Adobe Reader X 10.1.4.38 - '.BMP'/'.RLE' Heap Corruption↗2013-07-08

▶

📋Vendor Advisories

CISA

Adobe Reader and Acrobat Arbitrary Integer Overflow Vulnerability↗2022-03-28

▶

Red Hat

acroread: multiple code execution flaws (APSB13-15)↗2013-05-14

▶

Red Hat

acroread: multiple code execution flaws (APSB13-15)↗2013-05-14

▶

🕵️Threat Intelligence

Qualys

US-CERT: Top 30 Vulnerabilities | Qualys↗2015-05-01

▶

Unit42

Tracking New Ransomware CryptoWall 2.0↗2014-10-22

▶

Unit42

Tracking New Ransomware CryptoWall 2.0↗2014-10-22

▶

Talos

Snowshoe Spam Attack Comes and Goes in a Flurry↗2014-08-20

▶

Zscaler

Spearphishing Connects PCs To Russian Botnet | Zscaler↗2014-05-16

▶

📄Research Papers

arXiv

Investigation of Advanced Persistent Threats Network-based Tactics, Techniques and Procedures↗2025-02-12

▶

arXiv

Rethinking Misalignment to Raise the Bar for Heap Pointer Corruption↗2018-08-08

▶

arXiv

Digital Investigation of PDF Files: Unveiling Traces of Embedded Malware↗2017-07-17

▶

arXiv

Technical Aspects of Cyber Kill Chain↗2016-06-10

▶

💬Community

Bugzilla

acroread: multiple code execution flaws (APSB13-15)↗2013-05-14

▶