CVE-2013-5325Code Injection in Adobe Acrobat

CWE-94Code Injection2 documents2 sources
Severity
9.3CRITICALNVD
EPSS
0.8%
top 25.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Adobe AcrobatAdobe Acrobat Reader
Timeline
PublishedOct 9
Latest updateMay 17

Description

Adobe Reader and Acrobat 11.x before 11.0.05 on Windows allow remote attackers to execute arbitrary JavaScript code in a javascript: URL via a crafted PDF document.

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages2 packages

NVDadobe/acrobat_reader5 versions+4
NVDadobe/acrobat5 versions+4

🔴Vulnerability Details

1
GHSA
GHSA-jvfp-5x44-gx2p: Adobe Reader and Acrobat 112022-05-17
CVE-2013-5325 — Code Injection in Adobe Acrobat | cvebase