4.3

CVE-2009-2979

Adobe Reader and Acrobat 9.x before 9.2, 8.x before 8.1.7, and possibly 7.x through 7.1.4 do not properly perform XMP-XML entity expansion, which allows remote attackers to cause a denial of service via a crafted document.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
AdobeAcrobat Version <= 9.1.3
AdobeAcrobat Version7.0
AdobeAcrobat Version7.0.1
AdobeAcrobat Version7.0.2
AdobeAcrobat Version7.0.3
AdobeAcrobat Version7.0.4
AdobeAcrobat Version7.0.5
AdobeAcrobat Version7.0.6
AdobeAcrobat Version7.0.7
AdobeAcrobat Version7.0.8
AdobeAcrobat Version7.0.9
AdobeAcrobat Version7.1.0
AdobeAcrobat Version7.1.1
AdobeAcrobat Version7.1.3
AdobeAcrobat Version8.0
AdobeAcrobat Version8.1
AdobeAcrobat Version8.1.1
AdobeAcrobat Version8.1.2
AdobeAcrobat Version8.1.3
AdobeAcrobat Version8.1.4
AdobeAcrobat Version8.1.6
AdobeAcrobat Version9.0
AdobeAcrobat Version9.1.1
AdobeAcrobat Version9.1.2
AdobeAcrobat Reader Version <= 9.1.3
AdobeAcrobat Reader Version7.0
AdobeAcrobat Reader Version7.0.1
AdobeAcrobat Reader Version7.0.2
AdobeAcrobat Reader Version7.0.3
AdobeAcrobat Reader Version7.0.4
AdobeAcrobat Reader Version7.0.5
AdobeAcrobat Reader Version7.0.6
AdobeAcrobat Reader Version7.0.7
AdobeAcrobat Reader Version7.0.8
AdobeAcrobat Reader Version7.0.9
AdobeAcrobat Reader Version7.1.0
AdobeAcrobat Reader Version7.1.1
AdobeAcrobat Reader Version7.1.3
AdobeAcrobat Reader Version8.0
AdobeAcrobat Reader Version8.1
AdobeAcrobat Reader Version8.1.1
AdobeAcrobat Reader Version8.1.2
AdobeAcrobat Reader Version8.1.3
AdobeAcrobat Reader Version8.1.4
AdobeAcrobat Reader Version8.1.5
AdobeAcrobat Reader Version8.1.6
AdobeAcrobat Reader Version9.0
AdobeAcrobat Reader Version9.1
AdobeAcrobat Reader Version9.1.1
AdobeAcrobat Reader Version9.1.2
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 3.19% 0.864
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 4.3 8.6 2.9
AV:N/AC:M/Au:N/C:N/I:N/A:P
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://securitytracker.com/id?1023007
http://www.adobe.com/support/security/bulletins/apsb09-15.html
Patch
Vendor Advisory
http://www.us-cert.gov/cas/techalerts/TA09-286B.html
Patch
US Government Resource
http://www.vupen.com/english/advisories/2009/2898
Patch
Vendor Advisory
http://www.securityfocus.com/bid/36638
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6280