CVE-2009-2983

Adobe Acrobat and Reader < 9.2 - Memory Corruption and Possible Remote Code Execution

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2009-2983. PoCs published by Skylined.

AI-analyzed exploit summary The provided text describes a remote code execution vulnerability in Adobe Reader and Acrobat due to improper handling of certain COM objects. Exploitation involves supplying a malicious PDF file or webpage to execute arbitrary code in the context of the user running the affected application.

Description

Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 allow attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Skylined · textdoslinux

https://www.exploit-db.com/exploits/33283

View Code ZIP pw:eip

The provided text describes a remote code execution vulnerability in Adobe Reader and Acrobat due to improper handling of certain COM objects. Exploitation involves supplying a malicious PDF file or webpage to execute arbitrary code in the context of the user running the affected application.

Classification

Writeup 90%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: Adobe Reader and Acrobat (versions affected in 2009)

No auth needed

Prerequisites: Victim interaction to open a malicious PDF file or webpage

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6

Core References

Third Party Advisory, VDB Entry vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/36638

Patch, US Government Resource third-party-advisory x_refsource_cert

http://www.us-cert.gov/cas/techalerts/TA09-286B.html

Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack

http://securitytracker.com/id?1023007

Patch, Vendor Advisory x_refsource_confirm

http://www.adobe.com/support/security/bulletins/apsb09-15.html

Patch, Vendor Advisory vdb-entry x_refsource_vupen

http://www.vupen.com/english/advisories/2009/2898

Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5636

Scores

EPSS 0.1213

EPSS Percentile 95.6%

Details

CWE

CWE-399

Status published

Products (50)

adobe/acrobat 7.0

adobe/acrobat 7.0.1

adobe/acrobat 7.0.2

adobe/acrobat 7.0.3

adobe/acrobat 7.0.4

adobe/acrobat 7.0.5

adobe/acrobat 7.0.6

adobe/acrobat 7.0.7

adobe/acrobat 7.0.8

adobe/acrobat 7.0.9

... and 40 more

Published Oct 19, 2009

Tracked Since Feb 18, 2026