Back to KEVs

CVE-2011-2462

Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through...

Basic Information

CVE State: PUBLISHED
Reserved Date: June 06, 2011
Published Date: December 07, 2011
Last Updated: February 04, 2025
Vendor: n/a
Product: n/a
Description: Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.

CVSS Scores

CVSS v3.1

9.8 - CRITICAL

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: total

Exploit Status

Exploited in the Wild: Yes (added 2022-06-08 00:00:00 UTC) Source

References

http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html http://www.adobe.com/support/security/bulletins/apsb12-01.html http://www.adobe.com/support/security/advisories/apsa11-04.html http://www.redhat.com/support/errata/RHSA-2012-0011.html http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html http://www.adobe.com/support/security/bulletins/apsb11-30.html https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14562 http://www.us-cert.gov/cas/techalerts/TA11-350A.html

Known Exploited Vulnerability Information

Source	Added Date
CISA	2022-06-08 00:00:00 UTC

Scanner Integrations

Scanner	URL	Date Detected
Metasploit	https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/adobe_reader_u3d.rb	2025-04-29 11:01:34 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

adobe_reader_u3d

Type: metasploit • Created: Unknown

Metasploit module for CVE-2011-2462