CVE-2011-2462
Adobe Acrobat and Reader Universal 3D Memory Corruption Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
YesDecision
Descriptions
Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.
Vulnerabilidad no especificada en el componente de U3D en Adobe Reader y Acrobat v10.1.1 y versiones anteriores para Windows y Mac OS X, y Adobe Reader v9.x hasta v9.4.6 en UNIX, permite a atacantes remotos ejecutar código de su elección o causar una denegación de servicio (corrupción de memoria) a través de vectores desconocidos, explotado "in the wild" en diciembre de 2011.
The Universal 3D (U3D) component in Adobe Acrobat and Reader contains a memory corruption vulnerability which could allow remote attackers to execute code or cause denial-of-service (DoS).
CVSS Scores
SSVC
- Decision:-
Timeline
- 2011-06-06 CVE Reserved
- 2011-12-07 CVE Published
- 2012-01-14 First Exploit
- 2022-06-08 Exploited in Wild
- 2022-06-22 KEV Due Date
- 2024-08-06 CVE Updated
- 2024-09-15 EPSS Updated
CWE
- CWE-787: Out-of-bounds Write
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://www.adobe.com/support/security/bulletins/apsb11-30.html | Not Applicable | |
| http://www.adobe.com/support/security/bulletins/apsb12-01.html | Not Applicable | |
| http://www.us-cert.gov/cas/techalerts/TA11-350A.html | Third Party Advisory | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14562 | Broken Link |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/18366 | 2012-01-14 |
| URL | Date | SRC |
|---|
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Adobe Search vendor "Adobe" | Acrobat Search vendor "Adobe" for product "Acrobat" | <= 10.1.1 Search vendor "Adobe" for product "Acrobat" and version " <= 10.1.1" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Acrobat Search vendor "Adobe" for product "Acrobat" | <= 10.1.1 Search vendor "Adobe" for product "Acrobat" and version " <= 10.1.1" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Acrobat Reader Search vendor "Adobe" for product "Acrobat Reader" | <= 10.1.1 Search vendor "Adobe" for product "Acrobat Reader" and version " <= 10.1.1" | - |
Affected
| in | Apple Search vendor "Apple" | Mac Os X Search vendor "Apple" for product "Mac Os X" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Acrobat Reader Search vendor "Adobe" for product "Acrobat Reader" | <= 10.1.1 Search vendor "Adobe" for product "Acrobat Reader" and version " <= 10.1.1" | - |
Affected
| in | Microsoft Search vendor "Microsoft" | Windows Search vendor "Microsoft" for product "Windows" | - | - |
Safe
|
| Adobe Search vendor "Adobe" | Acrobat Reader Search vendor "Adobe" for product "Acrobat Reader" | >= 9.0 <= 9.4.6 Search vendor "Adobe" for product "Acrobat Reader" and version " >= 9.0 <= 9.4.6" | - |
Affected
| in | Opengroup Search vendor "Opengroup" | Unix Search vendor "Opengroup" for product "Unix" | - | - |
Safe
|