CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
AI Score
Confidence
High
EPSS
Percentile
95.8%
Integer overflow in Adobe Reader and Acrobat 9.x before 9.5.1 and 10.x before 10.1.3 allows attackers to execute arbitrary code via a crafted TrueType font.
Vendor | Product | Version | CPE |
---|---|---|---|
adobe | acrobat_reader | 9.0 | cpe:2.3:a:adobe:acrobat_reader:9.0:*:*:*:*:*:*:* |
adobe | acrobat_reader | 9.1 | cpe:2.3:a:adobe:acrobat_reader:9.1:*:*:*:*:*:*:* |
adobe | acrobat_reader | 9.1.1 | cpe:2.3:a:adobe:acrobat_reader:9.1.1:*:*:*:*:*:*:* |
adobe | acrobat_reader | 9.1.2 | cpe:2.3:a:adobe:acrobat_reader:9.1.2:*:*:*:*:*:*:* |
adobe | acrobat_reader | 9.1.3 | cpe:2.3:a:adobe:acrobat_reader:9.1.3:*:*:*:*:*:*:* |
adobe | acrobat_reader | 9.2 | cpe:2.3:a:adobe:acrobat_reader:9.2:*:*:*:*:*:*:* |
adobe | acrobat_reader | 9.3 | cpe:2.3:a:adobe:acrobat_reader:9.3:*:*:*:*:*:*:* |
adobe | acrobat_reader | 9.3.1 | cpe:2.3:a:adobe:acrobat_reader:9.3.1:*:*:*:*:*:*:* |
adobe | acrobat_reader | 9.3.2 | cpe:2.3:a:adobe:acrobat_reader:9.3.2:*:*:*:*:*:*:* |
adobe | acrobat_reader | 9.3.3 | cpe:2.3:a:adobe:acrobat_reader:9.3.3:*:*:*:*:*:*:* |
lists.opensuse.org/opensuse-security-announce/2012-04/msg00013.html
lists.opensuse.org/opensuse-security-announce/2012-04/msg00016.html
lists.opensuse.org/opensuse-security-announce/2012-04/msg00017.html
rhn.redhat.com/errata/RHSA-2012-0469.html
secunia.com/advisories/48756
secunia.com/advisories/48846
www.adobe.com/support/security/bulletins/apsb12-08.html
www.securityfocus.com/bid/52951
www.securitytracker.com/id?1026908
www.us-cert.gov/cas/techalerts/TA12-101B.html
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14860