CVE-2009-3459

Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute...

Basic Information

CVE State
PUBLISHED
Reserved Date
September 29, 2009
Published Date
October 13, 2009
Last Updated
August 07, 2024
Vendor
Adobe
Product
Reader and Acrobat
Description
Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information.
Tags
metasploit_scanner

CVSS Scores

CVSS v2.0

9.3

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Exploit Status

Exploited in the Wild
Yes (2009-10-13 10:00:00 UTC) Source

Known Exploited Vulnerability Information

Source Added Date
CVE 2009-10-13 10:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

adobe_flatedecode_predictor02

Type: metasploit • Created: Unknown

Metasploit module for CVE-2009-3459

adobe_flatedecode_predictor02

Type: metasploit • Created: Unknown

Metasploit module for CVE-2009-3459

Timeline

  • CVE ID Reserved

  • CVE Published to Public

  • Added to KEVIntel

  • Detected by Metasploit