CVE-2009-3459
EXPLOITED IN THE WILDAdobe Acrobat < 9.1.3 - Memory Corruption
Title source: ruleDescription
Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information.
Exploits (4)
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubylocalwindows
https://www.exploit-db.com/exploits/16652
exploitdb
WORKING POC
VERIFIED
by Metasploit · rubylocalwindows
https://www.exploit-db.com/exploits/16546
metasploit
WORKING POC
GOOD
by unknown, jduck, jabra · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/browser/adobe_flatedecode_predictor02.rb
metasploit
WORKING POC
GOOD
by unknown, jduck · rubypocwin
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/fileformat/adobe_flatedecode_predictor02.rb
References (12)
Scores
EPSS
0.8836
EPSS Percentile
99.5%
Details
VulnCheck KEV
2009-10-13
InTheWild.io
2018-10-30
CWE
CWE-119
Status
published
Products (50)
adobe/acrobat
3.0
adobe/acrobat
3.1
adobe/acrobat
4.0
adobe/acrobat
4.0.5
adobe/acrobat
4.0.5a
adobe/acrobat
4.0.5c
adobe/acrobat
5.0
adobe/acrobat
5.0.5
adobe/acrobat
5.0.6
adobe/acrobat
5.0.10
... and 40 more
Published
Oct 13, 2009
Tracked Since
Feb 18, 2026