CVE-2013-0640

Severity

93%

Complexity

86%

Confidentiality

165%

Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, as exploited in the wild in February 2013.

Adobe Reader and Acrobat 9.x before 9.5.4, 10.x before 10.1.6, and 11.x before 11.0.02 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document, as exploited in the wild in February 2013.

CVSS 2.0 Base Score 9.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C).

Overview

First reported 12 years ago

2013-02-14 01:55:00

Last updated 7 years ago

2017-09-19 01:35:00

Affected Software

Adobe Acrobat Reader 9.0

9.0

Adobe Acrobat Reader 9.1

9.1

Adobe Acrobat Reader 9.1.1

9.1.1

Adobe Acrobat Reader 9.1.2

9.1.2

Adobe Acrobat Reader 9.1.3

9.1.3

Adobe Acrobat Reader 9.2

9.2

Adobe Acrobat Reader 9.3

9.3

Adobe Acrobat Reader 9.3.1

9.3.1

Adobe Acrobat Reader 9.3.2

9.3.2

Adobe Acrobat Reader 9.3.3

9.3.3

Adobe Acrobat Reader 9.3.4

9.3.4

Adobe Acrobat Reader 9.4

9.4

Adobe Acrobat Reader 9.4.1

9.4.1

Adobe Acrobat Reader 9.4.2

9.4.2

Adobe Acrobat Reader 9.4.3

9.4.3

Adobe Acrobat Reader 9.4.4

9.4.4

Adobe Acrobat Reader 9.4.5

9.4.5

Adobe Acrobat Reader 9.4.6

9.4.6

Adobe Acrobat Reader 9.4.7

9.4.7

Adobe Acrobat Reader 9.5

9.5

Adobe Acrobat Reader 9.5.1

9.5.1

Adobe Acrobat Reader 9.5.2

9.5.2

Adobe Acrobat Reader 9.5.3

9.5.3

Adobe Acrobat Reader X (10.0)

10.0

Adobe Acrobat Reader X (10.0.1)

10.0.1

Adobe Acrobat Reader X (10.0.2)

10.0.2

Adobe Acrobat Reader X (10.0.3)

10.0.3

Adobe Acrobat Reader X 10.1

10.1

Adobe Acrobat Reader X 10.1.1

10.1.1

Adobe Acrobat Reader X (10.1.2)

10.1.2

Adobe Acrobat Reader X (10.1.3)

10.1.3

Adobe Acrobat Reader X (10.1.4)

10.1.4

Adobe Acrobat Reader 10.1.5

10.1.5

Adobe Acrobat Reader 11.0

11.0

Adobe Acrobat Reader XI (11.0.1)

11.0.1

Adobe Acrobat 9.0

9.0

Adobe Acrobat 9.0 Professional

9.0

Adobe Acrobat 9.1

9.1

Adobe Acrobat 9.1 Professional

9.1

Adobe Acrobat 9.1.1

9.1.1

Adobe Acrobat 9.1.1

9.1.1

アドビシステムズ アクロバット 9.1.2

9.1.2

アドビシステムズ アクロバット 9.1.3

9.1.3

Adobe Acrobat 9.1.3

9.1.3

Adobe Acrobat 9.2

9.2

Adobe Acrobat 9.2

9.2

Adobe Acrobat 9.3

9.3

Adobe Acrobat 9.3 Professional

9.3

Adobe Acrobat 9.3.1

9.3.1

Adobe Acrobat 9.3.1

9.3.1

Adobe Acrobat 9.3.2

9.3.2

Adobe Acrobat 9.3.2

9.3.2

Adobe Acrobat 9.3.3

9.3.3

Adobe Acrobat 9.3.4

9.3.4

Adobe Acrobat 9.3.4

9.3.4

Adobe Acrobat 9.4

9.4

Adobe Acrobat 9.4.1

9.4.1

Adobe Acrobat 9.4.1

9.4.1

Adobe Acrobat 9.4.2

9.4.2

Adobe Acrobat 9.4.2

9.4.2

Adobe Acrobat 9.4.3

9.4.3

Adobe Acrobat 9.4.3

9.4.3

Adobe Acrobat 9.4.4

9.4.4

Adobe Acrobat 9.4.4

9.4.4

Adobe Acrobat 9.4.5

9.4.5

Adobe Acrobat 9.4.5

9.4.5

Adobe Acrobat 9.4.6

9.4.6

Adobe Acrobat 9.4.6

9.4.6

Adobe Acrobat 9.4.7

9.4.7

Adobe Acrobat 9.5

9.5

Adobe Acrobat 9.5.1

9.5.1

Adobe Acrobat 9.5.2

9.5.2

Adobe Acrobat 9.5.3

9.5.3

Adobe Acrobat X (10.0)

10.0

Adobe Acrobat X Professional

10.0

Adobe Acrobat X (10.0.1)

10.0.1

Adobe Acrobat 10.0.1 Professional

10.0.1

Adobe Acrobat X (10.0.2)

10.0.2

Adobe Acrobat X (10.0.3)

10.0.3

Adobe Acrobat X (10.1)

10.1

Adobe Acrobat X (10.1.1)

10.1.1

Adobe Acrobat X (10.1.2)

10.1.2

Adobe Acrobat X (10.1.3)

10.1.3

Adobe Acrobat X (10.1.4)

10.1.4

Adobe Acrobat 10.1.5

10.1.5

Adobe Acrobat 11.0

11.0

Adobe Acrobat XI (11.0.1)

11.0.1

References

http://blog.fireeye.com/research/2013/02/in-turn-its-pdf-time.html

http://blogs.adobe.com/psirt/2013/02/adobe-reader-and-acrobat-vulnerability-report.html

openSUSE-SU-2013:0335

openSUSE-SU-2013:0342

SUSE-SU-2013:0349

RHSA-2013:0551

GLSA-201308-03

http://www.adobe.com/support/security/advisories/apsa13-02.html

http://www.adobe.com/support/security/bulletins/apsb13-07.html

VU#422807

US Government Resource

oval:org.mitre.oval:def:16406

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.