CVE-2009-3954

Adobe Reader/Acrobat <9.3-8.2 - RCE

Title source: llm
STIX 2.1

Description

The 3D implementation in Adobe Reader and Acrobat 9.x before 9.3, and 8.x before 8.2 on Windows and Mac OS X, might allow attackers to execute arbitrary code via unspecified vectors, related to a "DLL-loading vulnerability."

References (12)

Core 12
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id?1023446
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/38138
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/55552
Patch, Vendor Advisory x_refsource_confirm
http://www.adobe.com/support/security/bulletins/apsb10-02.html
Vendor Advisory vendor-advisory x_refsource_redhat
http://www.redhat.com/support/errata/RHSA-2010-0060.html
Third Party Advisory, VDB Entry vdb-entry signature x_refsource_oval
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8528
Vendor Advisory vdb-entry x_refsource_vupen
http://www.vupen.com/english/advisories/2010/0103
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/37761
Issue Tracking x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=554293
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/38215
US Government Resource third-party-advisory x_refsource_cert
http://www.us-cert.gov/cas/techalerts/TA10-013A.html

Scores

EPSS 0.0905
EPSS Percentile 94.7%

Details

CWE
CWE-94
Status published
Products (50)
adobe/acrobat 3.0
adobe/acrobat 3.1
adobe/acrobat 4.0
adobe/acrobat 4.0.5
adobe/acrobat 4.0.5a
adobe/acrobat 4.0.5c
adobe/acrobat 5.0
adobe/acrobat 5.0.5
adobe/acrobat 5.0.6
adobe/acrobat 5.0.10
... and 40 more
Published Jan 13, 2010
Tracked Since Feb 18, 2026