9.3
CVE-2009-1061
- EPSS 11.03%
- Veröffentlicht 25.03.2009 01:30:00
- Zuletzt bearbeitet 16.06.2026 23:06:25
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Unspecified vulnerability in Adobe Acrobat Reader 9 before 9.1, 8 before 8.1.4, and 7 before 7.1.1 might allow remote attackers to execute arbitrary code via unknown attack vectors related to JBIG2 and "input validation," a different vulnerability than CVE-2009-0193 and CVE-2009-1062.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Adobe ≫ Acrobat Reader Version >= 7.0 < 7.1.1
Adobe ≫ Acrobat Reader Version >= 8.0 < 8.1.4
Adobe ≫ Acrobat Reader Version >= 9.0 < 9.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 11.03% | 0.953 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://www.adobe.com/support/security/bulletins/apsb09-04.html
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html
http://secunia.com/advisories/34392
http://secunia.com/advisories/34490
http://secunia.com/advisories/34706
http://secunia.com/advisories/34790
http://security.gentoo.org/glsa/glsa-200904-17.xml
http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1
http://www.redhat.com/support/errata/RHSA-2009-0376.html
http://www.vupen.com/english/advisories/2009/1019
http://www.securityfocus.com/bid/34229
http://www.securitytracker.com/id?1021892