Computer Security

CVE-2009-3953
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



CVECVE-2009-3953
StatusCandidate
DescriptionThe U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different vulnerability than CVE-2009-2994.
SeverityHigh
CVSS score10
CVSS vector(AV:N/AC:L/Au:N/C:C/I:C/A:C)
PhaseAssigned (21.08.2010)
NVD:http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-3953
ReferencesBID : 37758
 CERT : TA10-013A
 CONFIRM : http://www.adobe.com/support/security/bulletins/ap...
 CONFIRM : https://bugzilla.redhat.com/show_bug.cgi?id=554293
 MISC : http://www.metasploit.com/modules/exploit/windows/...
 OSVDB : 61690
 OVAL : oval:org.mitre.oval:def:8242
 REDHAT : RHSA-2010:0060
 SECTRACK : 1023446
 SECUNIA : 38138
 SECUNIA : 38215
 SUSE : SUSE-SA:2010:008
 VUPEN : ADV-2010-0103
 XF : acrobat-reader-u3d-code-execution(55551)
SecurityVulns:Adobe Acrobat and Reader multiple security vulnerabilities
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server