Lucene search

K

AdobeCVELIST:CVE-2009-3953

HistoryJan 13, 2010 - 7:00 p.m.

CVE-2009-3953

2010-01-1319:00:00

adobe

www.cve.org

7

AI Score

7.3

Confidence

Low

EPSS

0.969

Percentile

99.8%

The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration “array boundary issue,” a different vulnerability than CVE-2009-2994.

References

lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html

osvdb.org/61690

secunia.com/advisories/38138

secunia.com/advisories/38215

www.adobe.com/support/security/bulletins/apsb10-02.html

www.metasploit.com/modules/exploit/windows/fileformat/adobe_u3d_meshdecl

www.redhat.com/support/errata/RHSA-2010-0060.html

www.securityfocus.com/bid/37758

www.securitytracker.com/id?1023446

www.us-cert.gov/cas/techalerts/TA10-013A.html

www.vupen.com/english/advisories/2010/0103

bugzilla.redhat.com/show_bug.cgi?id=554293

exchange.xforce.ibmcloud.com/vulnerabilities/55551

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8242

AI Score

7.3

Confidence

Low

EPSS

0.969

Percentile

99.8%

Related for CVELIST:CVE-2009-3953

nvd2 cve2 attackerkb1 prion2 canvas1 checkpoint_advisories4 seebug3 cvelist1 packetstorm2 exploitpack1 metasploit1 cisa_kev1 ubuntucve1 exploitdb2 securityvulns2 nessus28 redhat4 openvas14 threatpost1 suse2 gentoo2