CVE-2013-2736Improper Restriction of Operations within the Bounds of a Memory Buffer in Adobe Acrobat

CWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-787Out-of-bounds Write58 documents4 sources
Severity
10.0CRITICALNVD
NVD9.8
EPSS
18.9%
top 4.68%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedMay 16
Latest updateMay 17

Description

Adobe Reader and Acrobat 9.x before 9.5.5, 10.x before 10.1.7, and 11.x before 11.0.03 allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2013-2718, CVE-2013-2719, CVE-2013-2720, CVE-2013-2721, CVE-2013-2722, CVE-2013-2723, CVE-2013-2725, CVE-2013-2726, CVE-2013-2731, CVE-2013-2732, CVE-2013-2734, CVE-2013-2735, CVE-2013-3337, CVE-2013-3338, CVE-2013-3339, CVE-2013-3340, and CVE-2013-3341.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages2 packages

NVDadobe/acrobat_reader9.09.5.5+40
NVDadobe/acrobat9.09.5.5+40

Patches

Patch: www.adobe.comPatch: www.adobe.com

🔴Vulnerability Details

19
GHSA
GHSA-76fc-xhc5-m2qr: Adobe Reader and Acrobat 92022-05-17
GHSA
GHSA-662w-w5c4-f4mr: Adobe Reader and Acrobat 92022-05-17
GHSA
GHSA-mh89-3rjv-prw2: Adobe Reader and Acrobat 92022-05-17
GHSA
GHSA-6vrc-2vr9-vvr2: Adobe Reader and Acrobat 92022-05-17
GHSA
GHSA-hv3r-vpqh-vrcv: Adobe Reader and Acrobat 92022-05-17

📋Vendor Advisories

19
Red Hat
acroread: multiple code execution flaws (APSB13-15)2013-05-14
Red Hat
acroread: multiple code execution flaws (APSB13-15)2013-05-14
Red Hat
acroread: multiple code execution flaws (APSB13-15)2013-05-14
Red Hat
acroread: multiple code execution flaws (APSB13-15)2013-05-14
Red Hat
acroread: multiple code execution flaws (APSB13-15)2013-05-14

💬Community

1
Bugzilla
acroread: multiple code execution flaws (APSB13-15)2013-05-14
CVE-2013-2736 — Adobe Acrobat vulnerability | cvebase