CVE-2009-2993

NONECVSS 0.0

0.0

The JavaScript for Acrobat API in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 does not properly implement the (1) Privileged Context and (2) Safe Path restrictions for unspecified JavaScript methods, which allows remote attackers to create arbitrary files, and possibly execute arbitrary code, via the cPath parameter in a crafted PDF file. NOTE: some of these details are obtained from third party information.

🔗 References (16)

cve@mitrehttp://securitytracker.com/id?1023007
cve@mitrehttp://www.adobe.com/support/security/bulletins/apsb09-15.html
cve@mitrehttp://www.kb.cert.org/vuls/id/257117
cve@mitrehttp://www.securityfocus.com/bid/36638
cve@mitrehttp://www.securityfocus.com/bid/36664
cve@mitrehttp://www.us-cert.gov/cas/techalerts/TA09-286B.html
cve@mitrehttp://www.vupen.com/english/advisories/2009/2898
cve@mitrehttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5822
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1023007
af854a3a-2127-422b-91ae-364da2661108http://www.adobe.com/support/security/bulletins/apsb09-15.html
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/257117
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/36638
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/36664
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA09-286B.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2009/2898

Is Your Infrastructure Affected by CVE-2009-2993?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2009-2993

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2009-2993?