Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nvd[email protected]NVD:CVE-2009-3955
HistoryJan 13, 2010 - 7:30 p.m.

CVE-2009-3955

2010-01-1319:30:00
CWE-399
[email protected]
web.nvd.nist.gov
7

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

High

EPSS

0.654

Percentile

98.0%

JSON

Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, allows remote attackers to execute arbitrary code via a crafted JPC_MS_RGN marker in the Jp2c stream of a JpxDecode encoded data stream, which triggers an integer sign extension that bypasses a sanity check, leading to memory corruption.

Affected configurations

Nvd
Node
adobeacrobatRange9.2
OR
adobeacrobatMatch3.0
OR
adobeacrobatMatch3.1
OR
adobeacrobatMatch4.0
OR
adobeacrobatMatch4.0.5
OR
adobeacrobatMatch4.0.5a
OR
adobeacrobatMatch4.0.5c
OR
adobeacrobatMatch5.0
OR
adobeacrobatMatch5.0.5
OR
adobeacrobatMatch5.0.6
OR
adobeacrobatMatch5.0.10
OR
adobeacrobatMatch6.0
OR
adobeacrobatMatch6.0.1
OR
adobeacrobatMatch6.0.2
OR
adobeacrobatMatch6.0.3
OR
adobeacrobatMatch6.0.4
OR
adobeacrobatMatch6.0.5
OR
adobeacrobatMatch6.0.6
OR
adobeacrobatMatch7.0
OR
adobeacrobatMatch7.0.1
OR
adobeacrobatMatch7.0.2
OR
adobeacrobatMatch7.0.3
OR
adobeacrobatMatch7.0.4
OR
adobeacrobatMatch7.0.5
OR
adobeacrobatMatch7.0.6
OR
adobeacrobatMatch7.0.7
OR
adobeacrobatMatch7.0.8
OR
adobeacrobatMatch7.0.9
OR
adobeacrobatMatch7.1.0
OR
adobeacrobatMatch7.1.1
OR
adobeacrobatMatch7.1.2
OR
adobeacrobatMatch7.1.3
OR
adobeacrobatMatch7.1.4
OR
adobeacrobatMatch8.0
OR
adobeacrobatMatch8.1
OR
adobeacrobatMatch8.1.1
OR
adobeacrobatMatch8.1.2
OR
adobeacrobatMatch8.1.3
OR
adobeacrobatMatch8.1.4
OR
adobeacrobatMatch8.1.5
OR
adobeacrobatMatch8.1.6
OR
adobeacrobatMatch8.1.7
OR
adobeacrobatMatch9.0
OR
adobeacrobatMatch9.1
OR
adobeacrobatMatch9.1.1
OR
adobeacrobatMatch9.1.2
OR
adobeacrobatMatch9.1.3
AND
applemac_os_x
OR
microsoftwindows
Node
adobeacrobat_readerRange9.2
OR
adobeacrobat_readerMatch3.0
OR
adobeacrobat_readerMatch3.01
OR
adobeacrobat_readerMatch3.02
OR
adobeacrobat_readerMatch4.0
OR
adobeacrobat_readerMatch4.0.5
OR
adobeacrobat_readerMatch4.0.5a
OR
adobeacrobat_readerMatch4.0.5c
OR
adobeacrobat_readerMatch4.5
OR
adobeacrobat_readerMatch5.0
OR
adobeacrobat_readerMatch5.0.5
OR
adobeacrobat_readerMatch5.0.6
OR
adobeacrobat_readerMatch5.0.7
OR
adobeacrobat_readerMatch5.0.9
OR
adobeacrobat_readerMatch5.0.10
OR
adobeacrobat_readerMatch5.0.11
OR
adobeacrobat_readerMatch5.1
OR
adobeacrobat_readerMatch6.0
OR
adobeacrobat_readerMatch6.0.1
OR
adobeacrobat_readerMatch6.0.2
OR
adobeacrobat_readerMatch6.0.3
OR
adobeacrobat_readerMatch6.0.4
OR
adobeacrobat_readerMatch6.0.5
OR
adobeacrobat_readerMatch7.0
OR
adobeacrobat_readerMatch7.0.1
OR
adobeacrobat_readerMatch7.0.2
OR
adobeacrobat_readerMatch7.0.3
OR
adobeacrobat_readerMatch7.0.4
OR
adobeacrobat_readerMatch7.0.5
OR
adobeacrobat_readerMatch7.0.6
OR
adobeacrobat_readerMatch7.0.7
OR
adobeacrobat_readerMatch7.0.8
OR
adobeacrobat_readerMatch7.0.9
OR
adobeacrobat_readerMatch7.1.0
OR
adobeacrobat_readerMatch7.1.1
OR
adobeacrobat_readerMatch7.1.2
OR
adobeacrobat_readerMatch7.1.3
OR
adobeacrobat_readerMatch8.0
OR
adobeacrobat_readerMatch8.1
OR
adobeacrobat_readerMatch8.1.1
OR
adobeacrobat_readerMatch8.1.2
OR
adobeacrobat_readerMatch8.1.4
OR
adobeacrobat_readerMatch8.1.5
OR
adobeacrobat_readerMatch8.1.6
OR
adobeacrobat_readerMatch8.1.7
OR
adobeacrobat_readerMatch9.0
OR
adobeacrobat_readerMatch9.1
OR
adobeacrobat_readerMatch9.1.1
OR
adobeacrobat_readerMatch9.1.2
OR
adobeacrobat_readerMatch9.1.3
AND
applemac_os_x
OR
microsoftwindows
VendorProductVersionCPE
adobeacrobat*cpe:2.3:a:adobe:acrobat:*:*:*:*:*:*:*:*
adobeacrobat3.0cpe:2.3:a:adobe:acrobat:3.0:*:*:*:*:*:*:*
adobeacrobat3.1cpe:2.3:a:adobe:acrobat:3.1:*:*:*:*:*:*:*
adobeacrobat4.0cpe:2.3:a:adobe:acrobat:4.0:*:*:*:*:*:*:*
adobeacrobat4.0.5cpe:2.3:a:adobe:acrobat:4.0.5:*:*:*:*:*:*:*
adobeacrobat4.0.5acpe:2.3:a:adobe:acrobat:4.0.5a:*:*:*:*:*:*:*
adobeacrobat4.0.5ccpe:2.3:a:adobe:acrobat:4.0.5c:*:*:*:*:*:*:*
adobeacrobat5.0cpe:2.3:a:adobe:acrobat:5.0:*:*:*:*:*:*:*
adobeacrobat5.0.5cpe:2.3:a:adobe:acrobat:5.0.5:*:*:*:*:*:*:*
adobeacrobat5.0.6cpe:2.3:a:adobe:acrobat:5.0.6:*:*:*:*:*:*:*
Rows per page:
1-10 of 991

Related

securityvulns 3
cve 1
checkpoint_advisories 2
prion 1
cvelist 1
nessus 14
redhat 3
openvas 4
threatpost 1
suse 1
securityvulns
securityvulns
iDefense Security Advisory 01.12.10: Adobe Reader and Acrobat JpxDecode Memory Corruption Vulnerability
2010-01-17 00:00:00
Security updates available for Adobe Reader and Acrobat
2010-01-17 00:00:00
Adobe Acrobat and Reader multiple security vulnerabilities
2010-03-15 00:00:00
cve
cve
CVE-2009-3955
2010-01-13 19:30:00
checkpoint_advisories
checkpoint_advisories
Adobe Reader JPEG2000 Region of Interest Memory Corruption (APSB10-02) - Ver2 (CVE-2009-3955)
2015-03-26 00:00:00
Adobe Reader JPEG2000 Region of Interest Memory Corruption (APSB10-02; CVE-2009-3955)
2010-01-12 00:00:00
prion
prion
Memory corruption
2010-01-13 19:30:00
cvelist
cvelist
CVE-2009-3955
2010-01-13 19:00:00
nessus
nessus
RHEL 5 : acroread (RHSA-2010:0037)
2013-01-24 00:00:00
RHEL 4 : acroread (RHSA-2010:0038)
2013-01-24 00:00:00
RHEL 3 : acroread (RHSA-2010:0060)
2013-01-24 00:00:00
redhat
redhat
(RHSA-2010:0038) Critical: acroread security update
2010-01-13 00:00:00
(RHSA-2010:0060) Critical: acroread security update
2010-01-20 00:00:00
(RHSA-2010:0037) Critical: acroread security and bug fix update
2010-01-13 00:00:00
openvas
openvas
Adobe Reader Multiple Vulnerabilities (Jan 2010) - Linux
2010-01-16 00:00:00
Adobe Reader/Acrobat Multiple Vulnerabilities (Jan 2010) - Windows
2010-01-16 00:00:00
SuSE Update for acroread SUSE-SA:2010:008
2010-01-29 00:00:00
threatpost
threatpost
Adobe PDF Reader Gets Another Security Makeover
2010-01-13 15:57:31
suse
suse
remote code execution in acroread
2010-01-26 16:40:23

CVSS2

10

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

AI Score

7.4

Confidence

High

EPSS

0.654

Percentile

98.0%

JSON
Related for NVD:CVE-2009-3955
securityvulns3cve1checkpoint_advisories2prion1cvelist1nessus14redhat3openvas4threatpost1suse1