HIGH 8.8 KEV Publié le 2009-03-19

CVE-2009-0927

Stack-based buffer overflow in Adobe Reader and Adobe Acrobat 9 before 9.1, 8 before 8.1.3 , and 7 before 7.1.1 allows remote attackers to execute arbitrary code via a crafted argument to the getIcon method of a Collab object, a different vulnerability than CVE-2009-0658.

CVSS v3 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA Known Exploited Vulnerability

Ajouté au KEV: 2022-03-25
Deadline remédiation: 2022-04-15
Action requise: Apply updates per vendor instructions.
Ransomware: Non

Apps mobiles affectées

Adobe Acrobat Reader pour PDF

Android

com.adobe.reader

1 CVE 1 KEV

Adobe Acrobat Reader: Lire PDF

iOS

com.adobe.Adobe-Reader

1 CVE 1 KEV

Configurations CPE vulnérables

Vendor	Produit	Plateforme	Versions	CPE 2.3 URI
adobe	acrobat_reader	Android	≥7.0 <7.1.1	cpe:2.3:a:adobe:acrobat_reader::::::::
adobe	acrobat_reader	iOS	≥7.0 <7.1.1	cpe:2.3:a:adobe:acrobat_reader::::::::
adobe	acrobat_reader	Android	≥8.0 <8.1.3	cpe:2.3:a:adobe:acrobat_reader::::::::
adobe	acrobat_reader	iOS	≥8.0 <8.1.3	cpe:2.3:a:adobe:acrobat_reader::::::::
adobe	acrobat_reader	Android	≥9.0 <9.1	cpe:2.3:a:adobe:acrobat_reader::::::::
adobe	acrobat_reader	iOS	≥9.0 <9.1	cpe:2.3:a:adobe:acrobat_reader::::::::

Voir sur NVD ↗ Catalogue CISA KEV ↗