What is GHSA-q52p-3m33-w676?

GHSA-q52p-3m33-w676 is a security advisory published by GitHub Security Advisories with High severity. Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9...

Which CVE IDs does GHSA-q52p-3m33-w676 cover?

GHSA-q52p-3m33-w676 covers the following CVE IDs: CVE-2009-3459. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-q52p-3m33-w676?

GHSA-q52p-3m33-w676 has a CVSS v3 base score of 8.8, published by GitHub Security Advisories.

GHSA-q52p-3m33-w676HighCVSS 8.8

Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9...

Vendor

GitHub Security Advisories

Published

May 2, 2022

Last Modified

May 20, 2026

🔗 CVE IDs covered (1)

CVE-2009-3459 →

📋 Description

Heap-based buffer overflow in Adobe Reader and Acrobat 7.x before 7.1.4, 8.x before 8.1.7, and 9.x before 9.2 allows remote attackers to execute arbitrary code via a crafted PDF file that triggers memory corruption, as exploited in the wild in October 2009. NOTE: some of these details are obtained from third party information.

🔗 References (15)

https://nvd.nist.gov/vuln/detail/CVE-2009-3459
https://exchange.xforce.ibmcloud.com/vulnerabilities/53691
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6534
http://blogs.adobe.com/psirt/2009/10/adobe_reader_and_acrobat_issue_1.html
http://isc.sans.org/diary.html?storyid=7300
http://secunia.com/advisories/36983
http://securitytracker.com/id?1023007
http://www.adobe.com/support/security/bulletins/apsb09-15.html
http://www.iss.net/threats/348.html
http://www.securityfocus.com/bid/36600
http://www.us-cert.gov/cas/techalerts/TA09-286B.html
http://www.vupen.com/english/advisories/2009/2851
http://www.vupen.com/english/advisories/2009/2898
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2009-3459
https://github.com/advisories/GHSA-q52p-3m33-w676