CVE-2009-0927 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	8.8 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
mitre	CNA	---				---
CVE	ADP	---				---
CISA-ADP	ADP	8.8 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 99%

Vendor	Product	Version
adobe	acrobat_reader	7.0 ≤ 𝑥 < 7.1.1
adobe	acrobat_reader	8.0 ≤ 𝑥 < 8.1.3
adobe	acrobat_reader	9.0 ≤ 𝑥 < 9.1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-20 - Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
CWE-121 - Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).

References

http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html

http://secunia.com/advisories/34490

http://secunia.com/advisories/34706

http://secunia.com/advisories/34790

http://security.gentoo.org/glsa/glsa-200904-17.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1

http://www.adobe.com/support/security/bulletins/apsb09-04.html

http://www.exploit-db.com/exploits/9579

http://www.securityfocus.com/archive/1/502116/100/0/threaded

http://www.securityfocus.com/bid/34169

http://www.securitytracker.com/id?1021861

http://www.vupen.com/english/advisories/2009/0770

http://www.vupen.com/english/advisories/2009/1019

http://www.zerodayinitiative.com/advisories/ZDI-09-014

https://exchange.xforce.ibmcloud.com/vulnerabilities/49312

http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00005.html

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00010.html

http://secunia.com/advisories/34490

http://secunia.com/advisories/34706

http://secunia.com/advisories/34790

http://security.gentoo.org/glsa/glsa-200904-17.xml

http://sunsolve.sun.com/search/document.do?assetkey=1-66-256788-1

http://www.adobe.com/support/security/bulletins/apsb09-04.html

http://www.exploit-db.com/exploits/9579

http://www.securityfocus.com/archive/1/502116/100/0/threaded

http://www.securityfocus.com/bid/34169

http://www.securitytracker.com/id?1021861

http://www.vupen.com/english/advisories/2009/0770

http://www.vupen.com/english/advisories/2009/1019

http://www.zerodayinitiative.com/advisories/ZDI-09-014

https://exchange.xforce.ibmcloud.com/vulnerabilities/49312