CVE-2009-3458Executive Summary
| Informations | |||
|---|---|---|---|
| Name | CVE-2009-3458 | First vendor Publication | 2009-10-19 |
| Vendor | Cve | Last vendor Modification | 2010-08-21 |
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 9.3 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentification | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2998. |
Original Source
| Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3458 |
CWE : Common Weakness Enumeration
| id | Name |
|---|---|
| CWE-20 | Improper Input Validation |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:6499 | |||
| Oval ID: | oval:org.mitre.oval:def:6499 | ||
| Title: | Adobe Reader and Acrobat allow arbitrary code execution | ||
| Description: | Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 do not properly validate input, which might allow attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2009-2998. | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2009-3458 |
Version: | 11 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Vista Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows 7 |
Product(s): | Adobe Reader Adobe Acrobat |
| Definition Synopsis: | |||
|
|||
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 58910 | Adobe Reader / Acrobat Unspecified Arbitrary Code Execution (2009-3458) |
Internal Sources (Detail)
Alert History
| Date | Informations |
|---|---|
| 2013-05-10 23:58:24 |
|
(Critical)
