[CVE-2009-3953] Adobe Acrobat and Reader Universal 3D Remote Code Execution Vulnerability

NVD 상세 정보

설명: The U3D implementation in Adobe Reader and Acrobat 9.x before 9.3, 8.x before 8.2 on Windows and Mac OS X, and 7.x before 7.1.4 allows remote attackers to execute arbitrary code via malformed U3D data in a PDF document, related to a CLODProgressiveMeshDeclaration "array boundary issue," a different vulnerability than CVE-2009-2994.

CWE: CWE-787 | CWE-787

참조

• http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html [Mailing List, Third Party Advisory]
• http://osvdb.org/61690 [Broken Link]
• http://secunia.com/advisories/38138 [Broken Link]
• http://secunia.com/advisories/38215 [Broken Link]
• http://www.adobe.com/support/security/bulletins/apsb10-02.html [Not Applicable, Patch, Vendor Advisory]
• http://www.metasploit.com/modules/exploit/windows/fileformat/adobe_u3d_meshdecl [Third Party Advisory]
• http://www.redhat.com/support/errata/RHSA-2010-0060.html [Broken Link]
• http://www.securityfocus.com/bid/37758 [Broken Link, Third Party Advisory, VDB Entry]
• http://www.securitytracker.com/id?1023446 [Broken Link, Third Party Advisory, VDB Entry]
• http://www.us-cert.gov/cas/techalerts/TA10-013A.html [Third Party Advisory, US Government Resource]
• http://www.vupen.com/english/advisories/2010/0103 [Broken Link, Vendor Advisory]
• https://bugzilla.redhat.com/show_bug.cgi?id=554293 [Issue Tracking]
• https://exchange.xforce.ibmcloud.com/vulnerabilities/55551 [Third Party Advisory, VDB Entry]
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8242 [Broken Link]
• http://lists.opensuse.org/opensuse-security-announce/2010-01/msg00009.html [Mailing List, Third Party Advisory]
• ... 외 14건