CyberSec.Space Logo
Back to CVE Browser

CVE-2011-2462

Known Exploited (CISA KEV)CRITICAL
9.8
CVSS Severity Score
EPSS Score84.8070%
EPSS Percentile98.24th
PublishedDec 7, 2011
Last ModifiedApr 21, 2026

Vulnerability Description

Unspecified vulnerability in the U3D component in Adobe Reader and Acrobat 10.1.1 and earlier on Windows and Mac OS X, and Adobe Reader 9.x through 9.4.6 on UNIX, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via unknown vectors, as exploited in the wild in December 2011.

Affected Platforms (CPE)

πŸ“¦
Adobe

Acrobat

<= 10.1.1
πŸ“¦
Adobe

Acrobat Reader

<= 10.1.1
πŸ“¦
Adobe

Acrobat Reader

>= 9.0 and <= 9.4.6

References & Advisories

πŸ”— http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00019.html
πŸ”— http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00020.html
πŸ”— http://www.adobe.com/support/security/advisories/apsa11-04.html
πŸ”— http://www.adobe.com/support/security/bulletins/apsb11-30.html
πŸ”— http://www.adobe.com/support/security/bulletins/apsb12-01.html
πŸ”— http://www.redhat.com/support/errata/RHSA-2012-0011.html
πŸ”— http://www.us-cert.gov/cas/techalerts/TA11-350A.html
πŸ”— https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14562

Related Vulnerabilities

CVE-2004-063110.0

Buffer overflow in the uudecoding feature for Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions...

CVE-2004-115210.0

Buffer overflow in the mailListIsPdf function in Adobe Acrobat Reader 5.09 for Unix allows remote attackers to execute arbitrary c...

CVE-2004-063010.0

The uudecoding feature in Adobe Acrobat Reader 5.0.5 and 5.0.6 for Unix and Linux, and possibly other versions including those bef...

CVE-2004-115310.0

Format string vulnerability in Adobe Acrobat Reader 6.0.0 through 6.0.2 allows remote attackers to cause a denial of service (appl...