Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2009-3459
HistoryOct 13, 2009 - 10:30 a.m.

CVE-2009-3459

2009-10-1310:30:00
CWE-119
[email protected]
web.nvd.nist.gov
8

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.973

Percentile

99.9%

JSON

Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information.

Affected configurations

Nvd
Node
adobeacrobatRange≀9.1.3
OR
adobeacrobatMatch3.0
OR
adobeacrobatMatch3.1
OR
adobeacrobatMatch4.0
OR
adobeacrobatMatch4.0.5
OR
adobeacrobatMatch4.0.5a
OR
adobeacrobatMatch4.0.5c
OR
adobeacrobatMatch5.0
OR
adobeacrobatMatch5.0.5
OR
adobeacrobatMatch5.0.6
OR
adobeacrobatMatch5.0.10
OR
adobeacrobatMatch6.0
OR
adobeacrobatMatch6.0.1
OR
adobeacrobatMatch6.0.2
OR
adobeacrobatMatch6.0.3
OR
adobeacrobatMatch6.0.4
OR
adobeacrobatMatch6.0.5
OR
adobeacrobatMatch7.0
OR
adobeacrobatMatch7.0.1
OR
adobeacrobatMatch7.0.2
OR
adobeacrobatMatch7.0.3
OR
adobeacrobatMatch7.0.4
OR
adobeacrobatMatch7.0.5
OR
adobeacrobatMatch7.0.6
OR
adobeacrobatMatch7.0.7
OR
adobeacrobatMatch7.0.8
OR
adobeacrobatMatch7.0.9
OR
adobeacrobatMatch7.1.3
OR
adobeacrobatMatch8.0
OR
adobeacrobatMatch8.1
OR
adobeacrobatMatch8.1.1
OR
adobeacrobatMatch8.1.2
OR
adobeacrobatMatch8.1.3
OR
adobeacrobatMatch8.1.4
OR
adobeacrobatMatch8.1.6
OR
adobeacrobatMatch9
OR
adobeacrobatMatch9.0.0
OR
adobeacrobatMatch9.1
OR
adobeacrobatMatch9.1.1
OR
adobeacrobatMatch9.1.2
Node
adobeacrobat_readerRange≀9.0
OR
adobereaderMatch3.0
OR
adobereaderMatch4.0
OR
adobereaderMatch4.0.5
OR
adobereaderMatch4.0.5a
OR
adobereaderMatch4.0.5c
OR
adobereaderMatch4.5
OR
adobereaderMatch5.0
OR
adobereaderMatch5.0.5
OR
adobereaderMatch5.0.6
OR
adobereaderMatch5.0.7
OR
adobereaderMatch5.0.9
OR
adobereaderMatch5.0.10
OR
adobereaderMatch5.0.11
OR
adobereaderMatch5.1
OR
adobereaderMatch6.0
OR
adobereaderMatch6.0.1
OR
adobereaderMatch6.0.2
OR
adobereaderMatch6.0.3
OR
adobereaderMatch6.0.4
OR
adobereaderMatch6.0.5
OR
adobereaderMatch7.0.1
OR
adobereaderMatch7.0.2
OR
adobereaderMatch7.0.3
OR
adobereaderMatch7.0.5
OR
adobereaderMatch7.0.7
OR
adobereaderMatch7.0.8
OR
adobereaderMatch7.0.9
OR
adobereaderMatch7.1.0
OR
adobereaderMatch7.1.1
OR
adobereaderMatch7.1.3
OR
adobereaderMatch8.1.1
OR
adobereaderMatch8.1.2
OR
adobereaderMatch8.1.4
OR
adobereaderMatch8.1.6
OR
adobereaderMatch9.0
OR
adobereaderMatch9.1
OR
adobereaderMatch9.1.2
VendorProductVersionCPE
adobeacrobat*cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*
adobeacrobat3.0cpe:2.3:a:adobe:acrobat:3.0:*:*:*:*:*:*:*
adobeacrobat3.1cpe:2.3:a:adobe:acrobat:3.1:*:*:*:*:*:*:*
adobeacrobat4.0cpe:2.3:a:adobe:acrobat:4.0:*:*:*:*:*:*:*
adobeacrobat4.0.5cpe:2.3:a:adobe:acrobat:4.0.5:*:*:*:*:*:*:*
adobeacrobat4.0.5acpe:2.3:a:adobe:acrobat:4.0.5a:*:*:*:*:*:*:*
adobeacrobat4.0.5ccpe:2.3:a:adobe:acrobat:4.0.5c:*:*:*:*:*:*:*
adobeacrobat5.0cpe:2.3:a:adobe:acrobat:5.0:*:*:*:*:*:*:*
adobeacrobat5.0.5cpe:2.3:a:adobe:acrobat:5.0.5:*:*:*:*:*:*:*
adobeacrobat5.0.6cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*
Rows per page:
1-10 of 781

Related

checkpoint_advisories 1
packetstorm 2
ubuntucve 1
securityvulns 2
saint 4
cve 1
exploitdb 2
metasploit 2
prion 1
seebug 2
cvelist 1
openvas 8
redhat 1
nessus 13
gentoo 1
suse 1
checkpoint_advisories
checkpoint_advisories
Adobe Acrobat and Adobe Reader Deflate Parameter Integer Overflow (CVE-2009-3459)
2014-12-17 00:00:00
packetstorm
packetstorm
Adobe FlateDecode Stream Predictor 02 Integer Overflow
2009-12-31 00:00:00
Adobe FlateDecode Stream Predictor 02 Integer Overflow
2009-12-31 00:00:00
ubuntucve
ubuntucve
CVE-2009-3459
2009-10-13 00:00:00
securityvulns
securityvulns
In-depth research on the recent PDF zero-day exploit (CVE-2009-3459)
2009-10-19 00:00:00
Adobe Acrobat / Reader multiple security vulnerabilities
2009-10-19 00:00:00
saint
saint
Adobe Reader FlateDecode filter TIFF Predictor integer overflow
2009-10-27 00:00:00
Adobe Reader FlateDecode filter TIFF Predictor integer overflow
2009-10-27 00:00:00
Adobe Reader FlateDecode filter TIFF Predictor integer overflow
2009-10-27 00:00:00
cve
cve
CVE-2009-3459
2009-10-13 10:30:00
exploitdb
exploitdb
Adobe - FlateDecode Stream Predictor 02 Integer Overflow (Metasploit) (2)
2010-09-25 00:00:00
Adobe - FlateDecode Stream Predictor 02 Integer Overflow (Metasploit) (1)
2010-09-20 00:00:00
metasploit
metasploit
Adobe FlateDecode Stream Predictor 02 Integer Overflow
2009-12-16 03:32:44
Adobe FlateDecode Stream Predictor 02 Integer Overflow
2009-12-16 20:37:57
prion
prion
Heap overflow
2009-10-13 10:30:00
seebug
seebug
Adobe Acrobat ReaderθΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄ž
2009-10-09 00:00:00
Adobe Reader: Multiple vulnerabilities
2009-10-27 00:00:00
cvelist
cvelist
CVE-2009-3459
2009-10-13 10:00:00
openvas
openvas
RedHat Security Advisory RHSA-2009:1499
2009-10-19 00:00:00
RedHat Security Advisory RHSA-2009:1499
2009-10-19 00:00:00
Gentoo Security Advisory GLSA 200910-03 (acroread)
2009-10-27 00:00:00
redhat
redhat
(RHSA-2009:1499) Critical: acroread security update
2009-10-14 00:00:00
nessus
nessus
RHEL 3 / 4 / 5 : acroread (RHSA-2009:1499)
2009-10-15 00:00:00
GLSA-200910-03 : Adobe Reader: Multiple vulnerabilities
2009-10-26 00:00:00
SuSE 10 Security Update : Acrobat Reader (ZYPP Patch Number 6582)
2011-01-27 00:00:00
gentoo
gentoo
Adobe Reader: Multiple vulnerabilities
2009-10-25 00:00:00
suse
suse
remote code execution in acroread, acroread_ja
2009-10-26 13:17:31

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

AI Score

7.7

Confidence

Low

EPSS

0.973

Percentile

99.9%

JSON
Related for NVD:CVE-2009-3459
checkpoint_advisories1packetstorm2ubuntucve1securityvulns2saint4cve1exploitdb2metasploit2prion1seebug2cvelist1openvas8redhat1nessus13gentoo1suse1