Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.3
CVSSv2

CVE-2013-0641

Published: 14/02/2013 Updated: 19/09/2017
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
VMScore: 828
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Subscribe to Acrobat Reader

Vulnerability Summary

Buffer overflow in Adobe Reader and Acrobat 9.x prior to 9.5.4, 10.x prior to 10.1.6, and 11.x prior to 11.0.02 allows remote malicious users to execute arbitrary code via a crafted PDF document, as exploited in the wild in February 2013.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

adobe acrobat reader 9.4.7

adobe acrobat reader 9.5.1

adobe acrobat reader 9.0

adobe acrobat reader 9.3.1

adobe acrobat reader 9.5.3

adobe acrobat reader 9.1.3

adobe acrobat reader 9.1

adobe acrobat reader 9.1.1

adobe acrobat reader 9.5

adobe acrobat reader 9.3.2

adobe acrobat reader 9.3.4

adobe acrobat reader 9.4.2

adobe acrobat reader 9.5.2

adobe acrobat reader 9.4.4

adobe acrobat reader 9.4.3

adobe acrobat reader 9.4.6

adobe acrobat reader 9.4.5

adobe acrobat reader 9.1.2

adobe acrobat reader 9.4.1

adobe acrobat reader 9.3.3

adobe acrobat reader 9.2

adobe acrobat reader 9.3

adobe acrobat reader 9.4

adobe acrobat reader 10.1.3

adobe acrobat reader 10.1.4

adobe acrobat reader 10.1.1

adobe acrobat reader 10.0.2

adobe acrobat reader 10.1.5

adobe acrobat reader 10.0.3

adobe acrobat reader 10.1.2

adobe acrobat reader 10.0.1

adobe acrobat reader 10.1

adobe acrobat reader 10.0

adobe acrobat reader 11.0.1

adobe acrobat reader 11.0

adobe acrobat 9.4.1

adobe acrobat 9.4.4

adobe acrobat 9.5.1

adobe acrobat 9.3.3

adobe acrobat 9.3

adobe acrobat 9.4.3

adobe acrobat 9.1.3

adobe acrobat 9.3.4

adobe acrobat 9.3.1

adobe acrobat 9.1.1

adobe acrobat 9.5.2

adobe acrobat 9.4.6

adobe acrobat 9.4.5

adobe acrobat 9.2

adobe acrobat 9.5.3

adobe acrobat 9.5

adobe acrobat 9.4

adobe acrobat 9.4.7

adobe acrobat 9.1

adobe acrobat 9.0

adobe acrobat 9.4.2

adobe acrobat 9.3.2

adobe acrobat 9.1.2

adobe acrobat 10.0

adobe acrobat 10.1.1

adobe acrobat 10.1.2

adobe acrobat 10.0.1

adobe acrobat 10.0.3

adobe acrobat 10.1.5

adobe acrobat 10.1.4

adobe acrobat 10.0.2

adobe acrobat 10.1

adobe acrobat 10.1.3

adobe acrobat 11.0

adobe acrobat 11.0.1

Vendor Advisories

Red Hat: Critical: acroread security update
Synopsis Critical: acroread security update Type/Severity Security Advisory: Critical Topic Updated acroread packages that fix two security issues are now availablefor Red Hat Enterprise Linux 5 and 6 SupplementaryThe Red Hat Security Response Team has rated this update as having criticalsecurity impact C ...

Recent Articles

Snowden picks up 'Epic 0wnage' gong in Vegas... well, not literally
The Register • John Leyden • 02 Aug 2013

And Barnaby Jack wins posthumous lifetime achievement Pwnie

Security researcher Barnaby Jack, famous for his "jackpot" hack on ATMs, which forced them to spit out cash, has won a lifetime achievement award less than a week after his death. The honour was announced yesterday at the Pwnie awards, Infosec's equivalent to the Oscars. Jack, 35, died last Thursday just days before he was due to give a talk on electronic medical implants for humans at Black Hat. The slot at the Las Vegas conference was left open, allowing friends and colleagues to gather togeth...

Read more...

References

NVD-CWE-noinfohttp://blog.fireeye.com/research/2013/02/in-turn-its-pdf-time.htmlhttp://blogs.adobe.com/psirt/2013/02/adobe-reader-and-acrobat-vulnerability-report.htmlhttp://www.adobe.com/support/security/advisories/apsa13-02.htmlhttp://www.adobe.com/support/security/bulletins/apsb13-07.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-02/msg00023.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-02/msg00024.htmlhttp://lists.opensuse.org/opensuse-security-announce/2013-02/msg00021.htmlhttp://rhn.redhat.com/errata/RHSA-2013-0551.htmlhttp://security.gentoo.org/glsa/glsa-201308-03.xmlhttp://www.kb.cert.org/vuls/id/422807http://blogs.mcafee.com/mcafee-labs/digging-into-the-sandbox-escape-technique-of-the-recent-pdf-exploithttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A16296https://access.redhat.com/errata/RHSA-2013:0551https://nvd.nist.govhttps://www.kb.cert.org/vuls/id/422807
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook