Adobe Acrobat Denial-of-Service Vulnerability

vendor:

Acrobat

by:

SecurityFocus

7.5

CVSS

HIGH

Denial-of-Service

400

CWE

Product Name: Acrobat

Affected Version From: Acrobat 9.1.1

Affected Version To: Other versions may also be affected

Patch Exists: YES

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

Adobe Acrobat Denial-of-Service Vulnerability

Adobe Acrobat is prone to a denial-of-service vulnerability because it fails to perform adequate boundary checks on user-supplied data. Attackers can exploit this issue to cause the affected application to crash, effectively denying service. Attackers may also be able to execute arbitrary code, but this has not been confirmed.

Mitigation:

Adobe has released an update to address this issue. Users should upgrade to the latest version.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/35148/info

Adobe Acrobat is prone to a denial-of-service vulnerability because it fails to perform adequate boundary checks on user-supplied data.

Attackers can exploit this issue to cause the affected application to crash, effectively denying service. Attackers may also be able to execute arbitrary code, but this has not been confirmed.

Acrobat 9.1.1 is vulnerable; other versions may also be affected.

NOTE: This BID was previously classified as a buffer-overflow issue, but further analysis reveals that it is a stack-exhaustion issue. Code execution is unlikely. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/33017.pdf