Exposures › CVE-2009-3459
Adobe Acrobat and Reader exploited a heap-based buffer overflow vulnerability allowing remote code execution via crafted PDF files.
This vulnerability enabled remote attackers to execute arbitrary code through crafted PDF files, posing a significant risk to DIB organizations using Adobe products on unpatched systems. The vulnerability was actively exploited in the wild, requiring immediate patching to prevent potential compromise of sensitive systems.
Shame score — The vulnerability was actively exploited in the wild and required prompt remediation, indicating a failure to maintain security posture on widely used products.
Adobe Acrobat and Reader contain a heap-based buffer overflow vulnerability which could allow remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption.
| Product | Provider | Status | Match |
|---|---|---|---|
| Adobe Acrobat Sign for Government | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Analytics | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Campaign | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Connect Managed Services (ACMS-GC) | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Creative Cloud for Enterprise | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Document Cloud (PDF Services & Adobe Sign) | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Experience Manager Managed Services (AEMMS-GC) | Adobe | Authorized | vendor-exact · 0.90 |
| Adobe Learning Manager | Adobe | Authorized | vendor-exact · 0.90 |